Difference between revisions of "Incident"

From CIPedia
Jump to navigation Jump to search
(Canada)
Line 13: Line 13:
  
 
====Czech Republic====
 
====Czech Republic====
{{definition|Incident in the ICT environment assumed to be an [[event]] which is usually related to the outage of a network, service, or to a deterioration of its quality (V prostředí ICT je incidentem myšlena událost, která je obvykle spojená s výpadkem sítě, služby nebo se zhoršením jejich kvality)<ref> [http://www.govcert.cz/download/nodeid-3555/ Cyber Security Explanatory Glossary (2013)]</ref>}}
+
{{definition|Incident in the ICT environment assumed to be an [[event]] which is usually related to the outage of a network, service, or to a deterioration of its quality (V prostředí ICT je incidentem myšlena událost, která je obvykle spojená s výpadkem sítě, služby nebo se zhoršením jejich kvality). <ref> [http://www.govcert.cz/download/nodeid-3555/ Cyber Security Explanatory Glossary (2013)]</ref>}}
 
<br />  
 
<br />  
 
==== Lithuania ====
 
==== Lithuania ====
{{definition|Incident shall mean an [[event]], act or omission which gives rise or may give rise to an unauthorized access to an information system or electronic communications network, [[disruption]] or change of the operation (including takeover of control) of an information system or electronic communications network, destruction, [[damage]], deletion or the change of electronic information, removal or limiting of the possibility to use electronic information and, also, which gives rise or may give rise to the appropriation, publication, dissemination or any other use of non-public electronic information by persons unauthorized to do so.<ref>[http://www.ird.lt/doc/teises_aktai_en/EIS%28KS%29PP_796_2011-06-29_EN_PATAIS.pdf GOVERNMENT OF THE REPUBLIC OF LITHUANIA RESOLUTION NO 796 of 29 June 2011 ON THE APPROVAL OF THE PROGRAMME FOR THE DEVELOPMENT OF ELECTRONIC INFORMATION SECURITY (CYBER-SECURITY) FOR 2011–2019]</ref>}}  
+
{{definition|Incident shall mean an [[event]], act or omission which gives rise or may give rise to an unauthorized access to an information system or electronic communications network, [[disruption]] or change of the operation (including takeover of control) of an information system or electronic communications network, destruction, [[damage]], deletion or the change of electronic information, removal or limiting of the possibility to use electronic information and, also, which gives rise or may give rise to the appropriation, publication, dissemination or any other use of non-public electronic information by persons unauthorized to do so. <ref>[http://www.ird.lt/doc/teises_aktai_en/EIS%28KS%29PP_796_2011-06-29_EN_PATAIS.pdf GOVERNMENT OF THE REPUBLIC OF LITHUANIA RESOLUTION NO 796 of 29 June 2011 ON THE APPROVAL OF THE PROGRAMME FOR THE DEVELOPMENT OF ELECTRONIC INFORMATION SECURITY (CYBER-SECURITY) FOR 2011–2019]</ref>}}  
 
<br />
 
<br />
 
==== New Zealand ====
 
==== New Zealand ====
{{definition|Incident is (1) an occurrence that needs a response from one or more agencies (it may or may not be an [[emergency]]); (2) the first official level of agency response.<ref name="CIMS">[http://www.civildefence.govt.nz/assets/Uploads/publications/CIMS-2nd-edition.pdf The New Zealand Coordinated Incident Management System, Department of the Prime Minister and Cabinet, New Zealand. (2014)]</ref>}}<br />
+
{{definition|Incident is (1) an occurrence that needs a response from one or more agencies (it may or may not be an [[emergency]]); (2) the first official level of agency response. <ref name="CIMS">[http://www.civildefence.govt.nz/assets/Uploads/publications/CIMS-2nd-edition.pdf The New Zealand Coordinated Incident Management System, Department of the Prime Minister and Cabinet, New Zealand. (2014)]</ref>}}<br />
 +
 
 +
====Singapore====
 +
{{definition|An [[event]] that occurs by chance or due to a combination of unforeseen circumstances, which, if not handled in an appropriate manner, can escalate into an [[emergency]] or [[disaster]]. <ref>Singapore Standard SS 540: 2008 on Business Continuity</ref>}}
 +
An [[incident]] precedes an [[emergency]] or [[disaster]]. <br />  
  
 
==== United States ====
 
==== United States ====
 
=====DHS=====
 
=====DHS=====
{{definition|An occurrence, caused by either human action or natural phenomenon, that may cause [[harm]] and require action, which can include major [[disaster|disasters]], [[emergency|emergencies]], [[terrorism|terrorist]] attacks, [[terrorism|terrorist]] threats, wild and urban fires, floods, hazardous materials spills, nuclear accidents, aircraft accidents, earthquakes, hurricanes, tornadoes, tropical storms, war-related disasters, public health and medical emergencies, cyber attacks, cyber failure/accident, and other occurrences requiring an emergency response <ref name="DHSLex"> [http://www.dhs.gov/xlibrary/assets/dhs-risk-lexicon-2010.pdf DHS Risk Lexicon 2010 Edition, September 2010]</ref>.}}<br />
+
{{definition|An occurrence, caused by either human action or natural phenomenon, that may cause [[harm]] and require action, which can include major [[disaster|disasters]], [[emergency|emergencies]], [[terrorism|terrorist]] attacks, [[terrorism|terrorist]] threats, wild and urban fires, floods, hazardous materials spills, nuclear accidents, aircraft accidents, earthquakes, hurricanes, tornadoes, tropical storms, war-related disasters, public health and medical emergencies, cyber attacks, cyber failure/accident, and other occurrences requiring an emergency response. <ref name="DHSLex"> [http://www.dhs.gov/xlibrary/assets/dhs-risk-lexicon-2010.pdf DHS Risk Lexicon 2010 Edition, September 2010]</ref>}}<br />
  
 
=====NIST=====
 
=====NIST=====
{{definition|A violation or imminent [[threat]] of violation of computer security policies, acceptable use policies, or standard security practices.<ref name="NISTIR7298"> [http://nvlpubs.nist.gov/nistpubs/ir/2013/NIST.IR.7298r2.pdf NISTIR 7298 rev 2: Glossary of Key Information Security Terms, May 2013/ NIST SP 800-61]</ref>}}
+
{{definition|A violation or imminent [[threat]] of violation of computer security policies, acceptable use policies, or standard security practices. <ref name="NISTIR7298"> [http://nvlpubs.nist.gov/nistpubs/ir/2013/NIST.IR.7298r2.pdf NISTIR 7298 rev 2: Glossary of Key Information Security Terms, May 2013/ NIST SP 800-61]</ref>}}
 
This document points to several ICT-related definitions of incident.<br />
 
This document points to several ICT-related definitions of incident.<br />
  
Line 33: Line 37:
 
<br />
 
<br />
 
<br />
 
<br />
 +
 +
===Standard Definition===
 +
==== ISO/PAS 22399:2007 ====
 +
{{definition|[[Event]] that might be, or could lead to, an operational interruption, [[disruption]], loss, [[emergency]] or [[crisis]]. <ref>[http://www.iso.org/iso/catalogue_detail?csnumber=50295 ISO/PAS 22399:2007 Societal security - Guideline for incident preparedness and operational continuity management.]</ref>}}<br />
  
 
===Other Definitions===
 
===Other Definitions===
Line 39: Line 47:
 
{{definition|Incident: Événement qui exige une intervention d'urgence afin de protéger les personnes, les biens, l’environnement, l’économie ou les services. <ref name="Ontario">[https://www.emergencymanagementontario.ca/english/emcommunity/response_resources/GlossaryOfTerms/glossary_of_terms.html Province of Ontario’s Emergency Management Glossary of Terms ]</ref>}}<br />
 
{{definition|Incident: Événement qui exige une intervention d'urgence afin de protéger les personnes, les biens, l’environnement, l’économie ou les services. <ref name="Ontario">[https://www.emergencymanagementontario.ca/english/emcommunity/response_resources/GlossaryOfTerms/glossary_of_terms.html Province of Ontario’s Emergency Management Glossary of Terms ]</ref>}}<br />
  
===Standard Definition===
 
==== ISO/PAS 22399:2007 ====
 
{{definition|[[Event]] that might be, or could lead to, an operational interruption, [[disruption]], loss, [[emergency]] or [[crisis]]. <ref>[http://www.iso.org/iso/catalogue_detail?csnumber=50295 ISO/PAS 22399:2007 Societal security - Guideline for incident preparedness and operational continuity management.]</ref>}}
 
  
====SS 540:2008 ====
 
{{definition|An [[event]] that occurs by chance or due to a combination of unforeseen circumstances, which, if not handled in an appropriate manner, can escalate into an [[emergency]] or [[disaster]]. <ref>Singapore Standard SS 540: 2008 on Business Continuity</ref>}}
 
An [[incident]] precedes an [[emergency]] or [[disaster]]. <br />
 
<br />
 
  
 
==See also==
 
==See also==
Line 61: Line 62:
  
 
[[Category:Event]]
 
[[Category:Event]]
 +
{{#set:defined by=Australia|defined by=Canada|defined by=Czech Republic|defined by=Lithunia|defined by=New Zealand|defined by=Singapore|defined by=United States|defined by=ISO|defined by=Ontario}}

Revision as of 17:56, 10 June 2015

Definitions

European Definitions

Other International Definitions

National Definitions

Australia

Incident is an emergency event or series of events which requires a response from one or more of the statutory response agencies. [1]


Canada

An event caused by either human action or a natural phenomenon that requires a response to prevent or minimize loss of life or damage to property or the environment and reduce economic and social losses.

Événement d’origine humaine ou causé par un phénomène naturel qui nécessite une intervention afin de prévenir ou de réduire au minimum les décès et les dommages aux biens et à l’environnement et de réduire les pertes économiques et sociales. [2]


Czech Republic

Incident in the ICT environment assumed to be an event which is usually related to the outage of a network, service, or to a deterioration of its quality (V prostředí ICT je incidentem myšlena událost, která je obvykle spojená s výpadkem sítě, služby nebo se zhoršením jejich kvality). [3]


Lithuania

Incident shall mean an event, act or omission which gives rise or may give rise to an unauthorized access to an information system or electronic communications network, disruption or change of the operation (including takeover of control) of an information system or electronic communications network, destruction, damage, deletion or the change of electronic information, removal or limiting of the possibility to use electronic information and, also, which gives rise or may give rise to the appropriation, publication, dissemination or any other use of non-public electronic information by persons unauthorized to do so. [4]


New Zealand

Incident is (1) an occurrence that needs a response from one or more agencies (it may or may not be an emergency); (2) the first official level of agency response. [5]


Singapore

An event that occurs by chance or due to a combination of unforeseen circumstances, which, if not handled in an appropriate manner, can escalate into an emergency or disaster. [6]

An incident precedes an emergency or disaster.

United States

DHS
An occurrence, caused by either human action or natural phenomenon, that may cause harm and require action, which can include major disasters, emergencies, terrorist attacks, terrorist threats, wild and urban fires, floods, hazardous materials spills, nuclear accidents, aircraft accidents, earthquakes, hurricanes, tornadoes, tropical storms, war-related disasters, public health and medical emergencies, cyber attacks, cyber failure/accident, and other occurrences requiring an emergency response. [7]


NIST
A violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices. [8]

This document points to several ICT-related definitions of incident.

NFPA-1600
An event that has the potential to cause interruption, disruption, loss, emergency, crisis, disaster, or catastrophe. [9]



Standard Definition

ISO/PAS 22399:2007

Event that might be, or could lead to, an operational interruption, disruption, loss, emergency or crisis. [10]


Other Definitions

Ontario (Canada)

Incident is an occurrence or event that requires an emergency response to protect people, property, the environment, the economy and/or services. [11]


Incident: Événement qui exige une intervention d'urgence afin de protéger les personnes, les biens, l’environnement, l’économie ou les services. [11]



See also

Notes

  1. Multi-agency incident management, Emergency Management Australia (1998)
  2. Vocabulaire de la gestion des urgencies/Emergency Management Emergency Management Vocabulary 281 (2012)
  3. Cyber Security Explanatory Glossary (2013)
  4. GOVERNMENT OF THE REPUBLIC OF LITHUANIA RESOLUTION NO 796 of 29 June 2011 ON THE APPROVAL OF THE PROGRAMME FOR THE DEVELOPMENT OF ELECTRONIC INFORMATION SECURITY (CYBER-SECURITY) FOR 2011–2019
  5. The New Zealand Coordinated Incident Management System, Department of the Prime Minister and Cabinet, New Zealand. (2014)
  6. Singapore Standard SS 540: 2008 on Business Continuity
  7. DHS Risk Lexicon 2010 Edition, September 2010
  8. NISTIR 7298 rev 2: Glossary of Key Information Security Terms, May 2013/ NIST SP 800-61
  9. NFPA-1600
  10. ISO/PAS 22399:2007 Societal security - Guideline for incident preparedness and operational continuity management.
  11. 11.0 11.1 Province of Ontario’s Emergency Management Glossary of Terms
Retrieved from "https://websites.fraunhofer.de/CIPedia/index.php?title=Incident&oldid=2922"