Difference between revisions of "Control"
(→European Project Definitions) |
|||
Line 7: | Line 7: | ||
=== European Project Definitions === | === European Project Definitions === | ||
==== CIPRNet project ==== | ==== CIPRNet project ==== | ||
− | {{quote-ciprnet|Control is a [[measure]] that is modifying [[risk]]. }} | + | {{quote-ciprnet|Control is a [[measure]] that is modifying [[risk]]. }} |
+ | <br/> | ||
+ | |||
=== Other International Definitions === | === Other International Definitions === | ||
==== IPCC ==== | ==== IPCC ==== |
Revision as of 16:10, 21 December 2016
This term is usually synomymous to the term "Countermeasure", "Safeguard" or "Measure". Controls are usually considered as means to mitigate risk.
Contents
Definitions
European Definitions
2009/72/EC
European Project Definitions
CIPRNet project
The CIPRNet project [2] uses the following definition:
Other International Definitions
IPCC
For example renewable energy technologies, waste minimization processes, public transport commuting practices, etc.
UNISDR
UNISDR does not use the term "control". It defines two types of "measures": Structural and Non-structural measures [4].
Note that in civil and structural engineering, the term “structural” is used in a more restricted sense to mean just the load-bearing structure, with other parts such as wall cladding and interior fittings being termed non-structural.
National Definitions
Albania
Argentina
Australia
Czech Republic
Control means control of a risk, including all policies, procedures, directives, usual procedures (practices) or organizational structures, which may be of an administrative, technological, management or legal character. [9]
United Kingdom
United States
NIST
Synonymous with security controls and safeguards.
Standard Definition
IETF
ISO/IEC 27000:2014 and ISO 31000:2009
The standard notes that:
- Controls include any process, policy, device, practice, or other actions which modify risk.
- Controls may not always exert the intended or assumed modifying effect.
Each control is usually associated to a control objective, which is a statement describing what is to be achieved as a result of implementing the control.
See also
Notes
- ↑ ENTSO-E Glossary of Terms
- ↑ http://www.ciprnet.eu/
- ↑ IPCC
- ↑ 2009 UNISDR Terminology on Disaster Risk Reduction, United Nations International Strategy for Disaster Reduction (UNISDR), Geneva, Switzerland, May 2009.
- ↑ PROJEKT LIGJ PËR SIGURINË KIBERNETIKE
- ↑ Oficina Nacional de Tecnologías de Información ADMINISTRACION PUBLICA NACIONAL Disposición 3/2013 - Apruébase la “Política de Seguridad de la Información Modelo” (2013)
- ↑ Australian Emergency Management Glossary, Emergency Management Australia (1998)
- ↑ http://www.govcert.cz/download/nodeid-561 Výkladový slovník kybernetické bezpečnosti (2013)
- ↑ http://www.govcert.cz/download/nodeid-561 Výkladový slovník kybernetické bezpečnosti (2013)
- ↑ Glossary - Revision to Emergency Preparedness, Cabinet Office (2012)
- ↑ NIST Special Publication 800-53 Rev 4: Security and Privacy Controls for Federal Information Systems and Organizations (April 2013)
- ↑ IETF RFC449 Internet Security Glossary 2
- ↑ ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary