Difference between revisions of "Severity"

From CIPedia
Jump to navigation Jump to search
(Notes)
(Notes)
 
(4 intermediate revisions by the same user not shown)
Line 16: Line 16:
 
===Other Definitions===
 
===Other Definitions===
 
==== [[Ontario]] ([[Canada]]) ====
 
==== [[Ontario]] ([[Canada]]) ====
{{definition|Severity is the extent of disruption and/or damages associated with a [[hazard]].<br /><br/>(Gravité: étendue des perturbations et/ou des dommages causés par un danger.)<ref name="Ontario">[https://www.emergencymanagementontario.ca/english/emcommunity/response_resources/GlossaryOfTerms/glossary_of_terms.html Province of Ontario’s Emergency Management Glossary of Terms]</ref>}}
+
{{definition|Severity is the extent of disruption and/or damages associated with a [[hazard]].<br /><br/>(Gravité: étendue des perturbations et/ou des dommages causés par un danger.)<ref name="Ontario">[https://www.emergencymanagementontario.ca/english/emcommunity/response_resources/GlossaryOfTerms/glossary_of_terms.html Province of Ontario’s Emergency Management Glossary of Terms]</ref>}}<br/><br/>
 
+
==== [[OWASP]] ====
 
+
{{definition|The severity of a risk combines its [[Probability|likelihood]] and [[Impact|impact]] into a single measure. <ref>[https://www.owasp.org/index.php/Glossary OWASP Glossary]</ref>}}This combination often follows the guidance of <ref>[http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-30r1.pdf NIST Special Publication 800-30]</ref>, though some practitioners opt to use their own scale.
 +
{| class="wikitable"
 +
|colspan="2"|
 +
!colspan="3"|[[Impact]]
 +
|-
 +
|colspan="2"|
 +
!Low
 +
!Medium
 +
!High
 +
|-
 +
!rowspan="4"|[[Probability|Likelihood]]
 +
|-
 +
!High
 +
|Low
 +
|Medium
 +
|High
 +
|-
 +
!Medium
 +
|Low
 +
|Medium
 +
|Medium
 +
|-
 +
! Low
 +
| Low
 +
| Low
 +
| Low
 +
|}
 
<!--
 
<!--
 
===Standard Definition===-->
 
===Standard Definition===-->
  
 +
=== [[Dictionary]]===
 +
{{definition|Severity: Hoe ernstig een zwakke plek van een digitaal systeem is. <ref>[https://www.cybersecurityalliantie.nl/ecp_images/2021/12/Cybersecurity-Woordenboek-2021_ZonderSpreads.pdf Cybersecurity Woordenboek 2021]</ref>}}<br/><br/>
 +
{{#set:defined by=Dictionary}}
 
==See also==
 
==See also==
 
<big>For alike definitions, also refer to the term [[impact]].</big>
 
<big>For alike definitions, also refer to the term [[impact]].</big>
Line 30: Line 59:
  
 
==Notes==
 
==Notes==
 +
==References==
 
<references />
 
<references />
 
<!--
 
==References==
 
* Test reference. -->
 
 
 
[[Category:Consequence]][[Category:Risk]]
 
[[Category:Consequence]][[Category:Risk]]
 
{{#set:defined by=EU|defined by=Chile|
 
{{#set:defined by=EU|defined by=Chile|
defined by=Ontario|defined by=Greece|}}
+
defined by=Ontario|defined by=Greece|defined by=OWASP}}
 +
{{#set: Showmainpage=Yes}}

Latest revision as of 11:44, 15 August 2022

The term is strongly related to the terms "Consequence" and "Impact" and further work is needed in order to distinguish between these terms. In some cases, the term "Effect" is also used as synonymous.

Definitions

European Definitions

EU

Severity is the impact of the disruption or destruction of a particular infrastructure, with reference to (1) public effect (number of members of the population affected); (2) economic effect (significance of economic loss and/or degradation of products or services); (3) environmental effect; (4) political effects; (5) psychological effects; and (6) public health consequences. [1]


National Definitions

Chile

Severidad: Daño causado por una amenaza generalmente relacionada a la intensidad del fenómeno. [2]



Greece

Η ένταση της καταστροφής καθορίζεται από το μέγεθος των απωλειών ή ζημιών που αφορούν στη ζωή, στην υγεία και στην περιουσία των πολιτών, στα αγαθά, στις παραγωγικές πηγές και στις υποδομές.
(The severity of the disaster is assessed based on the quantity of losses and damages with reference to the life, health and property of citizens, to assets, to productive resources and to infrastructures) [3]



Other Definitions

Ontario (Canada)

Severity is the extent of disruption and/or damages associated with a hazard.

(Gravité: étendue des perturbations et/ou des dommages causés par un danger.)[4]



OWASP

The severity of a risk combines its likelihood and impact into a single measure. [5]

This combination often follows the guidance of [6], though some practitioners opt to use their own scale.

Impact
Low Medium High
Likelihood
High Low Medium High
Medium Low Medium Medium
Low Low Low Low

Dictionary

Severity: Hoe ernstig een zwakke plek van een digitaal systeem is. [7]



See also

For alike definitions, also refer to the term impact.

Notes

References