Difference between revisions of "Vulnerability"
(→USA) |
|||
Line 20: | Line 20: | ||
{{Definition|(in French) Vulnérabilité: propension d’un milieu, d’un bien ou d’une personne à subir des conséquences dommageables à la suite d’un événement. Elle ne produit pas nécessairement de dommage par elle-même <ref>[http://circulaire.legifrance.gouv.fr/pdf/2014/01/cir_37828.pdf INSTRUCTION GENERALE INTERMINISTERIELLE RELATIVE A LA SECURITE DES ACTIVITES D’IMPORTANCE VITALE N°6600/SGDSN/PSE/PSN du 7 janvier 2014, PREMIER MINISTRE, SECRETARIAT GENERAL DE LA DEFENSE ET DE LA SECURITE NATIONALE, Direction Protection et Sécurité de l’Etat N° NOR: PRMD1400503J] </ref>.}} | {{Definition|(in French) Vulnérabilité: propension d’un milieu, d’un bien ou d’une personne à subir des conséquences dommageables à la suite d’un événement. Elle ne produit pas nécessairement de dommage par elle-même <ref>[http://circulaire.legifrance.gouv.fr/pdf/2014/01/cir_37828.pdf INSTRUCTION GENERALE INTERMINISTERIELLE RELATIVE A LA SECURITE DES ACTIVITES D’IMPORTANCE VITALE N°6600/SGDSN/PSE/PSN du 7 janvier 2014, PREMIER MINISTRE, SECRETARIAT GENERAL DE LA DEFENSE ET DE LA SECURITE NATIONALE, Direction Protection et Sécurité de l’Etat N° NOR: PRMD1400503J] </ref>.}} | ||
<big>Non-official translation: propensity of an environment, a good or a person to suffer from adverse [[consequence|consequences]] as a result of an [[event]]. It does not necessarily produce [[damage]] itself.</big> | <big>Non-official translation: propensity of an environment, a good or a person to suffer from adverse [[consequence|consequences]] as a result of an [[event]]. It does not necessarily produce [[damage]] itself.</big> | ||
+ | |||
+ | ==== Norway ==== | ||
+ | {{definition|The vulnerability of a system is an expression of the weaknesses and deficiencies in the system and special circumstances increases the likelihood that [[threat]]s will materialize in a security [[Incident|incident]] (Sårbarheten til et system er et uttrykk for de svakheter og mangler som finnes i systemet og spesielle omstendigheter som øker sannsynligheten for at trusler vil materialisere seg i en sikkerhetshendelse).<ref>[http://www.enisa.europa.eu/activities/Resilience-and-CIIP/national-cyber-security-strategies-ncsss/Norway_Cyber_Security_StrategyNO.pdf Nasjonal strategi for informasjonssikkerhet (2012)]</ref>}} | ||
+ | Examples of special circumstances may be size, complexity, that many actors are involved, geographical spread, frequent changes and deferred location. | ||
+ | <br /> | ||
==== USA ==== | ==== USA ==== | ||
{{definition|A physical feature or operational attribute that renders an entity open to exploitation or susceptible to a given [[hazard]] <ref> [http://www.dhs.gov/xlibrary/assets/dhs-risk-lexicon-2010.pdf DHS Risk Lexicon 2010 Edition, September 2010]</ref>.}} | {{definition|A physical feature or operational attribute that renders an entity open to exploitation or susceptible to a given [[hazard]] <ref> [http://www.dhs.gov/xlibrary/assets/dhs-risk-lexicon-2010.pdf DHS Risk Lexicon 2010 Edition, September 2010]</ref>.}} | ||
− | |||
===Standard Definition=== | ===Standard Definition=== |
Revision as of 17:37, 21 February 2015
Contents
Definitions
European Definitions
Other International Definitions
NATO CEP / EAPC
UNISDR
There are many aspects of vulnerability, arising from various physical, social, economic, and environmental factors. Examples may include poor design and construction of buildings, inadequate protection of assets, lack of public information and awareness, limited official recognition of risks and preparedness measures, and disregard for wise environmental management.
Vulnerability varies significantly within a community and over time. This definition identifies vulnerability as a characteristic of the element of interest (community, system or asset) which is independent of its exposure. However, in common use the word is often used more broadly to include the element’s exposure.
National Definitions
France
Non-official translation: propensity of an environment, a good or a person to suffer from adverse consequences as a result of an event. It does not necessarily produce damage itself.
Norway
Examples of special circumstances may be size, complexity, that many actors are involved, geographical spread, frequent changes and deferred location.
USA
Standard Definition
ISO/IEC 27000:2014
See also
Notes
- ↑ EC COM(2006) 787 final, Directive of the Council on the identification and designation of European Critical Infrastructure and the assessment of the need to improve their protection, EC, Brussels 12.12.2006.
- ↑ NATO EAPC(SCEPC) lexicon 2003.
- ↑ 2009 UNISDR Terminology on Disaster Risk Reduction
- ↑ INSTRUCTION GENERALE INTERMINISTERIELLE RELATIVE A LA SECURITE DES ACTIVITES D’IMPORTANCE VITALE N°6600/SGDSN/PSE/PSN du 7 janvier 2014, PREMIER MINISTRE, SECRETARIAT GENERAL DE LA DEFENSE ET DE LA SECURITE NATIONALE, Direction Protection et Sécurité de l’Etat N° NOR: PRMD1400503J
- ↑ Nasjonal strategi for informasjonssikkerhet (2012)
- ↑ DHS Risk Lexicon 2010 Edition, September 2010
- ↑ ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary