Difference between revisions of "Asset"
Jump to navigation
Jump to search
(→Standard Definition) |
|||
| Line 2: | Line 2: | ||
=== European Definitions === | === European Definitions === | ||
====[[ENISA]]==== | ====[[ENISA]]==== | ||
| − | {{definition|Anything that has value to the organization, its business operations and their continuity, including Information resources that support the organization's mission. <ref name="ENISAGlos"> [http://www.enisa.europa.eu/activities/risk-management/current-risk/risk-management-inventory/glossary ENISA Risk Glossary]</ref>}}<br /> | + | {{definition|Anything that has value to the organization, its business operations and their continuity, including Information resources that support the organization's mission. <ref name="ENISAGlos">[http://www.enisa.europa.eu/activities/risk-management/current-risk/risk-management-inventory/glossary ENISA Risk Glossary]</ref>}}<br /> |
====[[EU Project]]==== | ====[[EU Project]]==== | ||
{{definition|An asset is a [[Critical Infrastructure Protection|CIP]] and CIP-related methodology, method, platform, test bed, infrastructure, research tool, technology, model, data source, report, and any other form of CIP- and modelling, simulation and analysis (MS&A) expertise. <ref>CIPRNet Deliverable D4.3</ref>}}<br /> | {{definition|An asset is a [[Critical Infrastructure Protection|CIP]] and CIP-related methodology, method, platform, test bed, infrastructure, research tool, technology, model, data source, report, and any other form of CIP- and modelling, simulation and analysis (MS&A) expertise. <ref>CIPRNet Deliverable D4.3</ref>}}<br /> | ||
| Line 37: | Line 37: | ||
<big>This definition has been removed in the revised version of the standard in 2014. <ref name="ISO27000-14">[http://www.iso.org/iso/home/store/catalogue_ics/catalogue_detail_ics.htm?csnumber=63411 ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary]</ref></big><br /> | <big>This definition has been removed in the revised version of the standard in 2014. <ref name="ISO27000-14">[http://www.iso.org/iso/home/store/catalogue_ics/catalogue_detail_ics.htm?csnumber=63411 ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary]</ref></big><br /> | ||
====[[IETF]]==== | ====[[IETF]]==== | ||
| − | {{definition|A system resource that is (a) required to be protected by an information system's security policy, (b) intended to be protected by a countermeasure, or (c) required for a system's mission.<ref name="IETFrefs"> [https://tools.ietf.org/html/rfc4949 IETF RFC449 Internet Security Glossary 2]</ref>}}<br /> | + | {{definition|A system resource that is (a) required to be protected by an information system's security policy, (b) intended to be protected by a countermeasure, or (c) required for a system's mission. <ref name="IETFrefs">[https://tools.ietf.org/html/rfc4949 IETF RFC449 Internet Security Glossary 2]</ref>}}<br /> |
==See also== | ==See also== | ||
Revision as of 22:28, 12 May 2017
Contents
Definitions
European Definitions
ENISA
Anything that has value to the organization, its business operations and their continuity, including Information resources that support the organization's mission. [1]
EU Project
An asset is a CIP and CIP-related methodology, method, platform, test bed, infrastructure, research tool, technology, model, data source, report, and any other form of CIP- and modelling, simulation and analysis (MS&A) expertise. [2]
National Definitions
Canada
A person, structure, facility, information, material or process that has value.
Personne, structure, installation, information, matériel ou processus ayant de la valeur. [3]
Personne, structure, installation, information, matériel ou processus ayant de la valeur. [3]
Czech Republic
Cokoliv, co má hodnotu pro jednotlivce, organizaci nebo veřejnou správu. [4]
Anything that has value to an individual, company or public administration. [5]
Anything that has value to an individual, company or public administration. [5]
Kingdom of Saudi Arabia
Asset is a major application, general support system, high impact program, physical plant,mission critical system, personnel, equipment, or a logically related group of systems. [6]
United Arab Emirates
Asset: Any tangible or intangible value (people, property, information) to the organisation. [7]
United States
DHS
Person, structure, facility, information, material, or process that has value. [8]
NIST
A major application, general support system, high impact program, physical plant, mission critical system, personnel, equipment, or a logically related group of systems. [9]
Standard Definition
ISO/IEC 27000:2012
Anything that has value to the organization. [10]
This definition has been removed in the revised version of the standard in 2014. [11]
IETF
A system resource that is (a) required to be protected by an information system's security policy, (b) intended to be protected by a countermeasure, or (c) required for a system's mission. [12]
See also
Notes
- ↑ ENISA Risk Glossary
- ↑ CIPRNet Deliverable D4.3
- ↑ Vocabulaire de la gestion des urgencies/Emergency Management Emergency Management Vocabulary 281 (2012)
- ↑ Výkladový slovník kybernetické bezpečnosti (2013)
- ↑ Cyber Security Explanatory Glossary (2013)
- ↑ Developing National Information Security Strategy for the Kingdom of Saudi Arabia NISS draft 7
- ↑ Abu Dhabi Safety and Security Planning Manual
- ↑ DHS Risk Lexicon 2010 Edition, September 2010
- ↑ NISTIR 7298 rev 2: Glossary of Key Information Security Terms, May 2013
- ↑ ISO/IEC 27000:2012, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary
- ↑ ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary
- ↑ IETF RFC449 Internet Security Glossary 2
