Difference between revisions of "Cross-cutting Criteria"
Jump to navigation
Jump to search
Line 6: | Line 6: | ||
# economic effects criterion (assessed in terms of the significance of economic loss and/or degradation of products or services; including potential environmental effects); | # economic effects criterion (assessed in terms of the significance of economic loss and/or degradation of products or services; including potential environmental effects); | ||
# public effects criterion (assessed in terms of the impact on public confidence, physical suffering and disruption of daily life; including the loss of essential services). | # public effects criterion (assessed in terms of the impact on public confidence, physical suffering and disruption of daily life; including the loss of essential services). | ||
− | </big> | + | </big><br /> |
+ | <br /> | ||
=== National Definitions === | === National Definitions === | ||
==== Luxembourg ==== | ==== Luxembourg ==== | ||
− | {{definition|Critères intersectoriels: le nombre de victimes (nombre potentiel de morts ou de blessés); l'incidence économique (ampleur des pertes économiques et/ou de la dégradation de produits ou de services, y compris l'incidence potentielle sur l'environnement); l'incidence sur la population (incidence sur la confiance de la population, souffrances physiques et perturbation de la vie quotidienne, y compris disparition de services essentiels). <ref>[http://www.legilux.public.lu/rgl/2012/A/0449/A.pdf Règlement grand-ducal du 12 mars 2012 portant application de la directive 2008/114/CE du Conseil du 8 décembre 2008 ]</ref>}} | + | {{definition|Critères intersectoriels: le nombre de victimes (nombre potentiel de morts ou de blessés); l'incidence économique (ampleur des pertes économiques et/ou de la dégradation de produits ou de services, y compris l'incidence potentielle sur l'environnement); l'incidence sur la population (incidence sur la confiance de la population, souffrances physiques et perturbation de la vie quotidienne, y compris disparition de services essentiels). <ref>[http://www.legilux.public.lu/rgl/2012/A/0449/A.pdf Règlement grand-ducal du 12 mars 2012 portant application de la directive 2008/114/CE du Conseil du 8 décembre 2008 ]</ref>}} <br /> |
+ | ==== Netherlands ==== | ||
+ | <big>Since April 2015, The Netherlands recognises <ref>https://www.nctv.nl/actueel/nieuws/kabinet-versterkt-crisisbeheersing.aspx?cp=126&cs=59950 Voortgangsbrief nationale veiligheid 9 april 2015</ref> two categories in criticality of critical infrastructure:<br /> | ||
+ | Category A: at least impact on one of the following four impact categories: | ||
+ | # economic impact: > 50.000 million euro costs and damages, or 5.0% decrease in real income | ||
+ | # physical impact: > 10.000 deaths, severely injured or chronically ill | ||
+ | # social-psychological impact: > 1 million persons are emotionally affected or experience serious societal survivability problems (fear, anger, disturbance) | ||
+ | # cascade impact: this disruption causes failure of minimal two other (critical) sectors | ||
+ | Category B: at least impact on one of the following three impact categories: | ||
+ | # economic impact: > 5.000 million euro costs and damages, or 1.0% decrease in real income | ||
+ | # physical impact: > 1.000 deaths, severely injured or chronically ill | ||
+ | # social-psychological impact: > 100.000 persons are emotionally affected or experience serious societal survivability problems </big><br /> | ||
+ | ==== Qatar ==== | ||
+ | Criteria for being critical are: | ||
+ | # Identify the organization’s key core business processes and their dependency on assets owned and managed by the organization (e.g., power plant, refinery, general ledger, etc.); | ||
+ | # Use impact severity table to determine an impact score for the loss/non-functioning of each key asset; and | ||
+ | # Classify all assets as critical when the criticality score is greater than twenty (20) according to the impact criteria table in <ref name=Qatar>[http://www.ictqatar.qa/en/file/14706/download?token=TP3dhTml QATAR National Cyber Security Strategy (May 2014)]</ref> <ref name=Q2>[http://www.ictqatar.qa/en/file/14711/download?token=3QAJdSyz الاستراتيجية الوطنية للأمن السيبراني QATAR NCSS - Arabic version (May 2014)]</ref>. | ||
+ | <br /> | ||
==Notes== | ==Notes== | ||
Line 18: | Line 36: | ||
[[Category:Consequence]] | [[Category:Consequence]] | ||
− | {{#set:defined by=EU|defined by=Luxembourg}} | + | {{#set:defined by=EU|defined by=Luxembourg|defined by=Netherlands|defined by=Qatar}} |
Revision as of 00:46, 25 June 2015
Contents
Definitions
European Definitions
Council Directive 2008/114/EC
Cross-cutting criteria may refer to [1]:
- casualties criterion (assessed in terms of the potential number of fatalities or injuries);
- economic effects criterion (assessed in terms of the significance of economic loss and/or degradation of products or services; including potential environmental effects);
- public effects criterion (assessed in terms of the impact on public confidence, physical suffering and disruption of daily life; including the loss of essential services).
National Definitions
Luxembourg
Critères intersectoriels: le nombre de victimes (nombre potentiel de morts ou de blessés); l'incidence économique (ampleur des pertes économiques et/ou de la dégradation de produits ou de services, y compris l'incidence potentielle sur l'environnement); l'incidence sur la population (incidence sur la confiance de la population, souffrances physiques et perturbation de la vie quotidienne, y compris disparition de services essentiels). [2]
Netherlands
Since April 2015, The Netherlands recognises [3] two categories in criticality of critical infrastructure:
Category A: at least impact on one of the following four impact categories:
- economic impact: > 50.000 million euro costs and damages, or 5.0% decrease in real income
- physical impact: > 10.000 deaths, severely injured or chronically ill
- social-psychological impact: > 1 million persons are emotionally affected or experience serious societal survivability problems (fear, anger, disturbance)
- cascade impact: this disruption causes failure of minimal two other (critical) sectors
Category B: at least impact on one of the following three impact categories:
- economic impact: > 5.000 million euro costs and damages, or 1.0% decrease in real income
- physical impact: > 1.000 deaths, severely injured or chronically ill
- social-psychological impact: > 100.000 persons are emotionally affected or experience serious societal survivability problems
Qatar
Criteria for being critical are:
- Identify the organization’s key core business processes and their dependency on assets owned and managed by the organization (e.g., power plant, refinery, general ledger, etc.);
- Use impact severity table to determine an impact score for the loss/non-functioning of each key asset; and
- Classify all assets as critical when the criticality score is greater than twenty (20) according to the impact criteria table in [4] [5].
Notes
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Règlement grand-ducal du 12 mars 2012 portant application de la directive 2008/114/CE du Conseil du 8 décembre 2008
- ↑ https://www.nctv.nl/actueel/nieuws/kabinet-versterkt-crisisbeheersing.aspx?cp=126&cs=59950 Voortgangsbrief nationale veiligheid 9 april 2015
- ↑ QATAR National Cyber Security Strategy (May 2014)
- ↑ الاستراتيجية الوطنية للأمن السيبراني QATAR NCSS - Arabic version (May 2014)