Difference between revisions of "Asset"
Jump to navigation
Jump to search
(→ISO/IEC 27000:2012) |
(→Standard Definition) |
||
Line 33: | Line 33: | ||
===Standard Definition=== | ===Standard Definition=== | ||
− | |||
− | |||
− | |||
==== [[ISO|ISO/IEC 27000:2012]] ==== | ==== [[ISO|ISO/IEC 27000:2012]] ==== | ||
{{definition| Anything that has value to the organization. <ref name="ISO27000-12">[http://www.iso.org/iso/catalogue_detail?csnumber=56891 ISO/IEC 27000:2012, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary]</ref>}} | {{definition| Anything that has value to the organization. <ref name="ISO27000-12">[http://www.iso.org/iso/catalogue_detail?csnumber=56891 ISO/IEC 27000:2012, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary]</ref>}} | ||
<big>This definition has been removed in the revised version of the standard in 2014. <ref name="ISO27000-14">[http://www.iso.org/iso/home/store/catalogue_ics/catalogue_detail_ics.htm?csnumber=63411 ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary]</ref></big><br /> | <big>This definition has been removed in the revised version of the standard in 2014. <ref name="ISO27000-14">[http://www.iso.org/iso/home/store/catalogue_ics/catalogue_detail_ics.htm?csnumber=63411 ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary]</ref></big><br /> | ||
+ | ====[[IETF]]==== | ||
+ | {{definition|A system resource that is (a) required to be protected by an information system's security policy, (b) intended to be protected by a countermeasure, or (c) required for a system's mission.<ref name="IETFrefs"> [https://tools.ietf.org/html/rfc4949 IETF RFC449 Internet Security Glossary 2]</ref>}}<br /> | ||
==See also== | ==See also== |
Revision as of 23:45, 9 May 2017
Contents
Definitions
European Definitions
ENISA
Anything that has value to the organization, its business operations and their continuity, including Information resources that support the organization's mission. [1]
EU Project
An asset is a CIP and CIP-related methodology, method, platform, test bed, infrastructure, research tool, technology, model, data source, report, and any other form of CIP- and modelling, simulation and analysis (MS&A) expertise. [2]
National Definitions
Canada
A person, structure, facility, information, material or process that has value.
Personne, structure, installation, information, matériel ou processus ayant de la valeur. [3]
Personne, structure, installation, information, matériel ou processus ayant de la valeur. [3]
Czech Republic
Cokoliv, co má hodnotu pro jednotlivce, organizaci nebo veřejnou správu. [4]
Anything that has value to an individual, company or public administration. [5]
Anything that has value to an individual, company or public administration. [5]
Kingdom of Saudi Arabia
Asset is a major application, general support system, high impact program, physical plant,mission critical system, personnel, equipment, or a logically related group of systems. [6]
United Arab Emirates
Asset: Any tangible or intangible value (people, property, information) to the organisation. [7]
United States
DHS
Person, structure, facility, information, material, or process that has value. [8]
NIST
A major application, general support system, high impact program, physical plant, mission critical system, personnel, equipment, or a logically related group of systems. [9]
Standard Definition
ISO/IEC 27000:2012
Anything that has value to the organization. [10]
This definition has been removed in the revised version of the standard in 2014. [11]
IETF
A system resource that is (a) required to be protected by an information system's security policy, (b) intended to be protected by a countermeasure, or (c) required for a system's mission.[12]
See also
Notes
- ↑ ENISA Risk Glossary
- ↑ CIPRNet Deliverable D4.3
- ↑ Vocabulaire de la gestion des urgencies/Emergency Management Emergency Management Vocabulary 281 (2012)
- ↑ Výkladový slovník kybernetické bezpečnosti (2013)
- ↑ Cyber Security Explanatory Glossary (2013)
- ↑ Developing National Information Security Strategy for the Kingdom of Saudi Arabia NISS draft 7
- ↑ Abu Dhabi Safety and Security Planning Manual
- ↑ DHS Risk Lexicon 2010 Edition, September 2010
- ↑ NISTIR 7298 rev 2: Glossary of Key Information Security Terms, May 2013
- ↑ ISO/IEC 27000:2012, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary
- ↑ ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary
- ↑ IETF RFC449 Internet Security Glossary 2