Difference between revisions of "Asset"
Jump to navigation
Jump to search
(→Czech Republic) |
|||
Line 26: | Line 26: | ||
===Standard Definition=== | ===Standard Definition=== | ||
+ | ====[[IETF]]==== | ||
+ | {{definition|A system resource that is (a) required to be protected by an information system's security policy, (b) intended to be protected by a countermeasure, or (c) required for a system's mission.<ref name="IETFrefs"> [https://tools.ietf.org/html/rfc4949 IETF RFC449 Internet Security Glossary 2]</ref>}}<br /> | ||
+ | |||
==== [[ISO|ISO/IEC 27000:2012]] ==== | ==== [[ISO|ISO/IEC 27000:2012]] ==== | ||
{{definition| Anything that has value to the organization. <ref name="ISO27000-12"> [http://www.iso.org/iso/catalogue_detail?csnumber=56891 ISO/IEC 27000:2012, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary]</ref>}} | {{definition| Anything that has value to the organization. <ref name="ISO27000-12"> [http://www.iso.org/iso/catalogue_detail?csnumber=56891 ISO/IEC 27000:2012, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary]</ref>}} | ||
Line 41: | Line 44: | ||
[[Category:Risk]] | [[Category:Risk]] | ||
− | {{#set:defined by=ENISA|defined by=Canada|defined by=Czech Republic|defined by=Kingdom of Saudi Arabia|defined by=United States|defined by=ISO}} | + | {{#set:defined by=ENISA|defined by=Canada|defined by=Czech Republic|defined by=Kingdom of Saudi Arabia|defined by=United States|defined by=IETF|defined by=ISO}} |
Revision as of 17:17, 7 February 2016
Contents
Definitions
European Definitions
ENISA
Anything that has value to the organization, its business operations and their continuity, including Information resources that support the organization's mission. [1]
National Definitions
Canada
A person, structure, facility, information, material or process that has value.
Personne, structure, installation, information, matériel ou processus ayant de la valeur. [2]
Personne, structure, installation, information, matériel ou processus ayant de la valeur. [2]
Czech Republic
Cokoliv, co má hodnotu pro jednotlivce, organizaci nebo veřejnou správu. [3]
Anything that has value to an individual, company or public administration. [4]
Anything that has value to an individual, company or public administration. [4]
Kingdom of Saudi Arabia
A major application, general support system, high impact program, physical plant,mission critical system, personnel, equipment, or a logically related group of systems. [5]
United States
DHS
Person, structure, facility, information, material, or process that has value. [6]
NIST
A major application, general support system, high impact program,physical plant, mission critical system, personnel, equipment, or a logically related group of systems. [7]
Standard Definition
IETF
A system resource that is (a) required to be protected by an information system's security policy, (b) intended to be protected by a countermeasure, or (c) required for a system's mission.[8]
ISO/IEC 27000:2012
Anything that has value to the organization. [9]
This definition has been removed in the revised version of the standard in 2014. [10]
See also
Notes
- ↑ ENISA Risk Glossary
- ↑ Vocabulaire de la gestion des urgencies/Emergency Management Emergency Management Vocabulary 281 (2012)
- ↑ http://www.govcert.cz/download/nodeid-561 Výkladový slovník kybernetické bezpečnosti (2013)
- ↑ Cyber Security Explanatory Glossary (2013)
- ↑ Developing National Information Security Strategy for the Kingdom of Saudi Arabia NISS draft 7
- ↑ DHS Risk Lexicon 2010 Edition, September 2010
- ↑ NISTIR 7298 rev 2: Glossary of Key Information Security Terms, May 2013
- ↑ IETF RFC449 Internet Security Glossary 2
- ↑ ISO/IEC 27000:2012, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary
- ↑ ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary