Difference between revisions of "Cross-cutting Criteria"

From CIPedia
Jump to navigation Jump to search
Line 6: Line 6:
 
# economic effects criterion (assessed in terms of the significance of economic loss and/or degradation of products or services; including potential environmental effects);  
 
# economic effects criterion (assessed in terms of the significance of economic loss and/or degradation of products or services; including potential environmental effects);  
 
# public effects criterion (assessed in terms of the impact on public confidence, physical suffering and disruption of daily life; including the loss of essential services).  
 
# public effects criterion (assessed in terms of the impact on public confidence, physical suffering and disruption of daily life; including the loss of essential services).  
</big>
+
</big><br />
 +
<br />
  
 
=== National Definitions ===
 
=== National Definitions ===
 
==== Luxembourg ====
 
==== Luxembourg ====
{{definition|Critères intersectoriels: le nombre de victimes (nombre potentiel de morts ou de blessés); l'incidence économique (ampleur des pertes économiques et/ou de la dégradation de produits ou de services, y compris l'incidence potentielle sur l'environnement); l'incidence sur la population (incidence sur la confiance de la population, souffrances physiques et perturbation de la vie quotidienne, y compris disparition de services essentiels). <ref>[http://www.legilux.public.lu/rgl/2012/A/0449/A.pdf Règlement grand-ducal du 12 mars 2012 portant application de la directive 2008/114/CE du Conseil du 8 décembre 2008 ]</ref>}} Les seuils des critères intersectoriels sont fondés sur la gravité de l'impact de l'arrêt ou de la destruction d'une infrastructure donnée. <br />
+
{{definition|Critères intersectoriels: le nombre de victimes (nombre potentiel de morts ou de blessés); l'incidence économique (ampleur des pertes économiques et/ou de la dégradation de produits ou de services, y compris l'incidence potentielle sur l'environnement); l'incidence sur la population (incidence sur la confiance de la population, souffrances physiques et perturbation de la vie quotidienne, y compris disparition de services essentiels). <ref>[http://www.legilux.public.lu/rgl/2012/A/0449/A.pdf Règlement grand-ducal du 12 mars 2012 portant application de la directive 2008/114/CE du Conseil du 8 décembre 2008 ]</ref>}} <br />
 +
==== Netherlands ====
 +
<big>Since April 2015, The Netherlands recognises <ref>https://www.nctv.nl/actueel/nieuws/kabinet-versterkt-crisisbeheersing.aspx?cp=126&cs=59950 Voortgangsbrief nationale veiligheid 9 april 2015</ref> two categories in criticality of critical infrastructure:<br />
 +
Category A: at least impact on one of the following four impact categories:
 +
# economic impact: > 50.000 million euro costs and damages, or 5.0% decrease in real income
 +
# physical impact: > 10.000 deaths, severely injured or chronically ill
 +
# social-psychological impact: > 1 million persons are emotionally affected or experience serious societal survivability problems (fear, anger, disturbance)
 +
# cascade impact: this disruption causes failure of minimal two other (critical) sectors
  
 +
Category B: at least impact on one of the following three impact categories:
 +
# economic impact: > 5.000 million euro costs and damages, or 1.0% decrease in real income
 +
# physical impact: > 1.000 deaths, severely injured or chronically ill
 +
# social-psychological impact: > 100.000 persons are emotionally affected or experience serious societal survivability problems </big><br />
 +
==== Qatar ====
 +
Criteria for being critical are:
 +
# Identify the organization’s key core business processes and their dependency on assets owned and managed by the organization (e.g., power plant, refinery, general ledger, etc.);
 +
# Use impact severity table to determine an impact score for the loss/non-functioning of each key asset; and
 +
# Classify all assets as critical when the criticality score is greater than twenty (20) according to the impact criteria table in <ref name=Qatar>[http://www.ictqatar.qa/en/file/14706/download?token=TP3dhTml QATAR National Cyber Security Strategy (May 2014)]</ref> <ref name=Q2>[http://www.ictqatar.qa/en/file/14711/download?token=3QAJdSyz الاستراتيجية الوطنية للأمن السيبراني QATAR NCSS - Arabic version (May 2014)]</ref>. 
 +
<br />
  
 
==Notes==
 
==Notes==
Line 18: Line 36:
  
 
[[Category:Consequence]]
 
[[Category:Consequence]]
{{#set:defined by=EU|defined by=Luxembourg}}
+
{{#set:defined by=EU|defined by=Luxembourg|defined by=Netherlands|defined by=Qatar}}

Revision as of 23:46, 24 June 2015

Definitions

European Definitions

Council Directive 2008/114/EC

Cross-cutting criteria may refer to [1]:

  1. casualties criterion (assessed in terms of the potential number of fatalities or injuries);
  2. economic effects criterion (assessed in terms of the significance of economic loss and/or degradation of products or services; including potential environmental effects);
  3. public effects criterion (assessed in terms of the impact on public confidence, physical suffering and disruption of daily life; including the loss of essential services).



National Definitions

Luxembourg

Critères intersectoriels: le nombre de victimes (nombre potentiel de morts ou de blessés); l'incidence économique (ampleur des pertes économiques et/ou de la dégradation de produits ou de services, y compris l'incidence potentielle sur l'environnement); l'incidence sur la population (incidence sur la confiance de la population, souffrances physiques et perturbation de la vie quotidienne, y compris disparition de services essentiels). [2]


Netherlands

Since April 2015, The Netherlands recognises [3] two categories in criticality of critical infrastructure:
Category A: at least impact on one of the following four impact categories:

  1. economic impact: > 50.000 million euro costs and damages, or 5.0% decrease in real income
  2. physical impact: > 10.000 deaths, severely injured or chronically ill
  3. social-psychological impact: > 1 million persons are emotionally affected or experience serious societal survivability problems (fear, anger, disturbance)
  4. cascade impact: this disruption causes failure of minimal two other (critical) sectors

Category B: at least impact on one of the following three impact categories:

  1. economic impact: > 5.000 million euro costs and damages, or 1.0% decrease in real income
  2. physical impact: > 1.000 deaths, severely injured or chronically ill
  3. social-psychological impact: > 100.000 persons are emotionally affected or experience serious societal survivability problems

Qatar

Criteria for being critical are:

  1. Identify the organization’s key core business processes and their dependency on assets owned and managed by the organization (e.g., power plant, refinery, general ledger, etc.);
  2. Use impact severity table to determine an impact score for the loss/non-functioning of each key asset; and
  3. Classify all assets as critical when the criticality score is greater than twenty (20) according to the impact criteria table in [4] [5].


Notes