Difference between revisions of "Protected Critical Infrastructure Information"
Jump to navigation
Jump to search
(→See also) |
(→Australia) |
||
| (9 intermediate revisions by the same user not shown) | |||
| Line 6: | Line 6: | ||
=== National Definitions === | === National Definitions === | ||
| − | ==== United States ==== | + | ====[[Australia]]==== |
| + | {{definition|Protected information means a document or information that: <br/>(a) is obtained by a person in the course of exercising powers, or performing duties or functions, under this Act; or <br/><br/>(b) records or is the fact that an asset is declared under section 51 to be a critical infrastructure asset; or <br/>(ba) records or is the fact that an asset is declared under section 52B to be a system of national significance; or <br/>(bb) records or is the fact that the Minister has: (i) given a Ministerial authorisation; or (ii) revoked a Ministerial authorisation; or <br/>(bc) is, or is included in, a critical infrastructure risk management program that is adopted by an entity in compliance with section 30AC; or <br/>(bd) is, or is included in, a report that is given under section 30AG or 30AQ; or <br/>(be) is, or is included in, a report under section 30BC or 30BD; or <br/>(bf) is, or is included in, an incident response plan adopted by an entity in compliance with section 30CD; or <br/>(bg) is, or is included in, an evaluation report prepared under section 30CQ or 30CR; or <br/>(bh) is, or is included in, a vulnerability assessment report prepared under section 30CZ; or <br/>(bi) is, or is included in, a report prepared in compliance with: (i) a system information periodic reporting notice; or (ii) a system information event‑based reporting notice; or<br/>(bj) records or is the fact that the Secretary has: (i) given a direction under section 35AK; or (ii) revoked such a direction; or<br/>(bk) records or is the fact that the Secretary has:<br/>(i) given a direction under section 35AQ; or (ii) revoked such a direction; or<br/>(bl) records or is the fact that the Secretary has: (i) given a request under section 35AX; or (ii) revoked such a request; or<br/><br/>(c) was a document or information to which paragraph (a), (b), (ba), (bb), (bc), (bd), (be), (bf), (bg), (bh), (bi), (bj), (bk) or (bl) applied and is obtained by a person by way of an authorised disclosure under Division 3 of Part 4 or in accordance with section 46. <ref>[https://www.legislation.gov.au/Details/C2022C00160 Security of Critical Infrastructure Act 2018]</ref>}}<br/> | ||
| + | {{definition|''Protected information'' means a document or information that: <br/>(a) is obtained by a person in the course of exercising powers, or<br/>performing duties or functions, under this Act; or <br/> (b) records or is the fact that an asset is declared under section 51 to be a [[Critical Infrastructure|critical infrastructure]] [[Asset|asset]]; or <br/>(c) was a document or information to which paragraph (a) or (b) applied and is obtained by a person by way of an authorised disclosure under Division 3 of Part 4 or in accordance with section 46. <ref>[http://parlinfo.aph.gov.au/parlInfo/download/legislation/bills/s1118_aspassed/toc_pdf/1728920.pdf Security of Critical Infrastructure Bill 2018] </ref>}}<br/> | ||
| + | |||
| + | ==== [[United States]] ==== | ||
{{definition|PCII protections mean that homeland security partners can be confident that sharing their information with the government will not expose sensitive or proprietary data. <ref> [http://www.dhs.gov/protected-critical-infrastructure-information-pcii-program PCII Program, DHS, United States]</ref> }} | {{definition|PCII protections mean that homeland security partners can be confident that sharing their information with the government will not expose sensitive or proprietary data. <ref> [http://www.dhs.gov/protected-critical-infrastructure-information-pcii-program PCII Program, DHS, United States]</ref> }} | ||
| + | The Protected Critical Infrastructure Information (PCII) Program is an information-protection program that enhances voluntary information sharing between infrastructure owners and operators and the US government. PCII protections mean that homeland security partners can be confident that sharing their information with the government will not expose sensitive or proprietary data.<br/> | ||
| − | + | <!--===Standard Definition=== | |
--> | --> | ||
==See also== | ==See also== | ||
| − | NIST Publication on Controlled Unclassified Information (UCI). <ref>http://csrc.nist.gov/publications/drafts/800-171/sp800_171_second_draft.pdf NIST SP800-171 - Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations (2015).</ref> | + | NIST Publication on Controlled Unclassified Information (UCI). <ref>[http://csrc.nist.gov/publications/drafts/800-171/sp800_171_second_draft.pdf NIST SP800-171 - Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations (2015).]</ref> |
==Notes== | ==Notes== | ||
| + | ==References== | ||
<references /> | <references /> | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
[[Category:Infrastructure]] | [[Category:Infrastructure]] | ||
[[Category:Information]] | [[Category:Information]] | ||
[[Category:Protection]] | [[Category:Protection]] | ||
| − | {{#set:defined by=United States}} | + | {{#set:defined by=United States|defined by=Australia}} |
| + | {{#set: Showmainpage=Yes}} | ||
Latest revision as of 21:46, 5 July 2023
Contents
Definitions
European Definitions
National Definitions
Australia
Protected information means a document or information that:
(a) is obtained by a person in the course of exercising powers, or performing duties or functions, under this Act; or
(b) records or is the fact that an asset is declared under section 51 to be a critical infrastructure asset; or
(ba) records or is the fact that an asset is declared under section 52B to be a system of national significance; or
(bb) records or is the fact that the Minister has: (i) given a Ministerial authorisation; or (ii) revoked a Ministerial authorisation; or
(bc) is, or is included in, a critical infrastructure risk management program that is adopted by an entity in compliance with section 30AC; or
(bd) is, or is included in, a report that is given under section 30AG or 30AQ; or
(be) is, or is included in, a report under section 30BC or 30BD; or
(bf) is, or is included in, an incident response plan adopted by an entity in compliance with section 30CD; or
(bg) is, or is included in, an evaluation report prepared under section 30CQ or 30CR; or
(bh) is, or is included in, a vulnerability assessment report prepared under section 30CZ; or
(bi) is, or is included in, a report prepared in compliance with: (i) a system information periodic reporting notice; or (ii) a system information event‑based reporting notice; or
(bj) records or is the fact that the Secretary has: (i) given a direction under section 35AK; or (ii) revoked such a direction; or
(bk) records or is the fact that the Secretary has:
(i) given a direction under section 35AQ; or (ii) revoked such a direction; or
(bl) records or is the fact that the Secretary has: (i) given a request under section 35AX; or (ii) revoked such a request; or
(c) was a document or information to which paragraph (a), (b), (ba), (bb), (bc), (bd), (be), (bf), (bg), (bh), (bi), (bj), (bk) or (bl) applied and is obtained by a person by way of an authorised disclosure under Division 3 of Part 4 or in accordance with section 46. [1]
(a) is obtained by a person in the course of exercising powers, or performing duties or functions, under this Act; or
(b) records or is the fact that an asset is declared under section 51 to be a critical infrastructure asset; or
(ba) records or is the fact that an asset is declared under section 52B to be a system of national significance; or
(bb) records or is the fact that the Minister has: (i) given a Ministerial authorisation; or (ii) revoked a Ministerial authorisation; or
(bc) is, or is included in, a critical infrastructure risk management program that is adopted by an entity in compliance with section 30AC; or
(bd) is, or is included in, a report that is given under section 30AG or 30AQ; or
(be) is, or is included in, a report under section 30BC or 30BD; or
(bf) is, or is included in, an incident response plan adopted by an entity in compliance with section 30CD; or
(bg) is, or is included in, an evaluation report prepared under section 30CQ or 30CR; or
(bh) is, or is included in, a vulnerability assessment report prepared under section 30CZ; or
(bi) is, or is included in, a report prepared in compliance with: (i) a system information periodic reporting notice; or (ii) a system information event‑based reporting notice; or
(bj) records or is the fact that the Secretary has: (i) given a direction under section 35AK; or (ii) revoked such a direction; or
(bk) records or is the fact that the Secretary has:
(i) given a direction under section 35AQ; or (ii) revoked such a direction; or
(bl) records or is the fact that the Secretary has: (i) given a request under section 35AX; or (ii) revoked such a request; or
(c) was a document or information to which paragraph (a), (b), (ba), (bb), (bc), (bd), (be), (bf), (bg), (bh), (bi), (bj), (bk) or (bl) applied and is obtained by a person by way of an authorised disclosure under Division 3 of Part 4 or in accordance with section 46. [1]
Protected information means a document or information that:
(a) is obtained by a person in the course of exercising powers, or
performing duties or functions, under this Act; or
(b) records or is the fact that an asset is declared under section 51 to be a critical infrastructure asset; or
(c) was a document or information to which paragraph (a) or (b) applied and is obtained by a person by way of an authorised disclosure under Division 3 of Part 4 or in accordance with section 46. [2]
(a) is obtained by a person in the course of exercising powers, or
performing duties or functions, under this Act; or
(b) records or is the fact that an asset is declared under section 51 to be a critical infrastructure asset; or
(c) was a document or information to which paragraph (a) or (b) applied and is obtained by a person by way of an authorised disclosure under Division 3 of Part 4 or in accordance with section 46. [2]
United States
PCII protections mean that homeland security partners can be confident that sharing their information with the government will not expose sensitive or proprietary data. [3]
The Protected Critical Infrastructure Information (PCII) Program is an information-protection program that enhances voluntary information sharing between infrastructure owners and operators and the US government. PCII protections mean that homeland security partners can be confident that sharing their information with the government will not expose sensitive or proprietary data.
See also
NIST Publication on Controlled Unclassified Information (UCI). [4]
Notes
References
