Difference between revisions of "Asset"
Jump to navigation
Jump to search
(→United States) |
(→Notes) |
||
Line 52: | Line 52: | ||
[[Category:Risk]] | [[Category:Risk]] | ||
− | {{#set:defined by=ENISA|defined by=Canada|defined by=Czech Republic|defined by=Kingdom of Saudi Arabia|defined by=United Arab Emiratesdefined by=United States|defined by=IETF|defined by=ISO|defined by=NIST|defined by=EU project}} | + | {{#set:defined by=ENISA|defined by=Canada|defined by=Czech Republic|defined by=Kingdom of Saudi Arabia|defined by=United Arab Emiratesdefined by=United States|defined by=IETF|defined by=ISO|defined by=NIST|defined by=EU project|defined by=US-CERT}} |
Revision as of 09:39, 13 September 2017
Contents
Definitions
European Definitions
ENISA
Anything that has value to the organization, its business operations and their continuity, including Information resources that support the organization's mission. [1]
EU project
An asset is a CIP and CIP-related methodology, method, platform, test bed, infrastructure, research tool, technology, model, data source, report, and any other form of CIP- and modelling, simulation and analysis (MS&A) expertise. [2]
National Definitions
Canada
A person, structure, facility, information, material or process that has value.
Personne, structure, installation, information, matériel ou processus ayant de la valeur. [3]
Personne, structure, installation, information, matériel ou processus ayant de la valeur. [3]
Czech Republic
Cokoliv, co má hodnotu pro jednotlivce, organizaci nebo veřejnou správu. [4]
Anything that has value to an individual, company or public administration. [5]
Anything that has value to an individual, company or public administration. [5]
Kingdom of Saudi Arabia
Asset is a major application, general support system, high impact program, physical plant,mission critical system, personnel, equipment, or a logically related group of systems. [6]
United Arab Emirates
Asset: Any tangible or intangible value (people, property, information) to the organisation. [7]
United States
DHS
An assets is a person, structure, facility, information, material, or process that has value. [8]
NIST
A major application, general support system, high impact program, physical plant, mission critical system, personnel, equipment, or a logically related group of systems. [9]
US-CERT
Something of value to an organization; typically, people, information, technology, and facilities that the critical services relies on. [10]
One of the foundational principles of the CRR design is the idea that an organization deploys its assets (i.e., people, information, technology, and facilities) to support specific operational missions. Failure in any of these assets may result in a cascading impact on related business processes, services, and the organization’s mission.
Standard Definition
ISO/IEC 27000:2012
Anything that has value to the organization. [11]
This definition has been removed in the revised version of the standard in 2014. [12]
IETF
A system resource that is (a) required to be protected by an information system's security policy, (b) intended to be protected by a countermeasure, or (c) required for a system's mission. [13]
See also
Notes
- ↑ ENISA Risk Glossary
- ↑ CIPRNet Deliverable D4.3
- ↑ Vocabulaire de la gestion des urgencies/Emergency Management Emergency Management Vocabulary 281 (2012)
- ↑ Výkladový slovník kybernetické bezpečnosti (2013)
- ↑ Cyber Security Explanatory Glossary (2013)
- ↑ Developing National Information Security Strategy for the Kingdom of Saudi Arabia NISS draft 7
- ↑ Abu Dhabi Safety and Security Planning Manual
- ↑ DHS Risk Lexicon 2010 Edition, September 2010
- ↑ NISTIR 7298 rev 2: Glossary of Key Information Security Terms, May 2013
- ↑ Cyber Resilience Review (CRR): Method Description and Self-Assessment User Guide (2016)
- ↑ ISO/IEC 27000:2012, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary
- ↑ ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary
- ↑ IETF RFC449 Internet Security Glossary 2