Difference between revisions of "Measure"

From CIPedia
Jump to navigation Jump to search
Line 5: Line 5:
 
===Standard Definition===
 
===Standard Definition===
 
==== ISO standards====
 
==== ISO standards====
{{definition|Variable to which a value is assigned as the result of measurement <ref> [http://www.iso.org/iso/catalogue_detail.htm?csnumber=44344 ISO/IEC 15939:2007 Systems and software engineering -- Measurement process]</ref>. The  term  “measures”  is  used  to  refer  collectively  to  base  measures,  derived  measures, and indicators <ref name="ISO27000-14"> [http://www.iso.org/iso/home/store/catalogue_ics/catalogue_detail_ics.htm?csnumber=63411 ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary]</ref>.}}
+
{{definition|Variable to which a value is assigned as the result of measurement <ref> [http://www.iso.org/iso/catalogue_detail.htm?csnumber=44344 ISO/IEC 15939:2007 Systems and software engineering -- Measurement process]</ref>. The  term  “measures”  is  used  to  refer  collectively  to  base  measures,  derived  measures, and indicators. <ref name="ISO27000-14"> [http://www.iso.org/iso/home/store/catalogue_ics/catalogue_detail_ics.htm?csnumber=63411 ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary]</ref>}}<br />
{{definition|Measurement refers to a process to determine a value <ref name="ISO27000-14"> [http://www.iso.org/iso/home/store/catalogue_ics/catalogue_detail_ics.htm?csnumber=63411 ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary]</ref>. }}
 
  
 +
{{definition|Measurement refers to a process to determine a value. <ref name="ISO27000-14"> [http://www.iso.org/iso/home/store/catalogue_ics/catalogue_detail_ics.htm?csnumber=63411 ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary]</ref> }}<br />
 
<big>In  the  context  of  [[Information  Security]] the  process  of  determining  a  value  requires information about the effectiveness of an [[information security management system]] and its associated [[control|controls]] using a measurement method, a measurement function, an analytical model, and decision criteria.
 
<big>In  the  context  of  [[Information  Security]] the  process  of  determining  a  value  requires information about the effectiveness of an [[information security management system]] and its associated [[control|controls]] using a measurement method, a measurement function, an analytical model, and decision criteria.
* Measurement function is algorithm or calculation performed to combine two or more base measures <ref> [http://www.iso.org/iso/catalogue_detail.htm?csnumber=44344 ISO/IEC 15939:2007 Systems and software engineering -- Measurement process]</ref>.
+
* Measurement function is algorithm or calculation performed to combine two or more base measures. <ref> [http://www.iso.org/iso/catalogue_detail.htm?csnumber=44344 ISO/IEC 15939:2007 Systems and software engineering -- Measurement process]</ref>
 
* Measurement method is logical sequence of operations, described generically, used in quantifying an attribute with respect  to a specified scale <ref> [http://www.iso.org/iso/catalogue_detail.htm?csnumber=44344 ISO/IEC 15939:2007 Systems and software engineering -- Measurement process]</ref>. The type of measurement method depends on the nature of the operations used to quantify an attribute. Two types can be distinguished:
 
* Measurement method is logical sequence of operations, described generically, used in quantifying an attribute with respect  to a specified scale <ref> [http://www.iso.org/iso/catalogue_detail.htm?csnumber=44344 ISO/IEC 15939:2007 Systems and software engineering -- Measurement process]</ref>. The type of measurement method depends on the nature of the operations used to quantify an attribute. Two types can be distinguished:
 
:* subjective: quantification involving human judgment;
 
:* subjective: quantification involving human judgment;
Line 28: Line 28:
  
 
[[Category:Protection]]
 
[[Category:Protection]]
 +
{{#set:defined by=ISO}}

Revision as of 17:24, 10 June 2015

For the term which is synonymous to "countermeasure", "safeguard" or "control", please refer to entry Control.

Definitions

Standard Definition

ISO standards

Variable to which a value is assigned as the result of measurement [1]. The term “measures” is used to refer collectively to base measures, derived measures, and indicators. [2]


Measurement refers to a process to determine a value. [2]


In the context of Information Security the process of determining a value requires information about the effectiveness of an information security management system and its associated controls using a measurement method, a measurement function, an analytical model, and decision criteria.

  • Measurement function is algorithm or calculation performed to combine two or more base measures. [3]
  • Measurement method is logical sequence of operations, described generically, used in quantifying an attribute with respect to a specified scale [4]. The type of measurement method depends on the nature of the operations used to quantify an attribute. Two types can be distinguished:
  • subjective: quantification involving human judgment;
  • objective: quantification based on numerical rules.
  • Measurement results are one or more indicators and their associated interpretations that address an information need.
  • Decision criteria refer to thresholds, targets, or patterns used to determine the need for action or further investigation, or to describe the level of confidence in a given result [5].
  • Analytical model is algorithm or calculation combining one or more base measures and/or derived measures with associated decision criteria.

See also

Notes