Difference between revisions of "Vulnerability"
(→France) |
(→National Definitions) |
||
Line 17: | Line 17: | ||
=== National Definitions === | === National Definitions === | ||
+ | ==== Australia ==== | ||
+ | {{definition| Vulnerability is the degree of susceptibility and [[resilience]] of the community and environment to [[Hazard|hazards]]. <ref name="MAIMAus">[https://www.em.gov.au/Documents/Manual03-AEMGlossary.PDF Australian Emergency Management Glossary, Emergency Management Australia (1998)]</ref>}} | ||
+ | <br /> | ||
+ | {{definition| Vulnerability is the degree of loss to a given element at risk or set of such elements resulting from the occurrence of a phenomenon of a given magnitude and expressed on a scale of 0 (no damage) to 1 (total loss). <ref name="MAIMAus">[https://www.em.gov.au/Documents/Manual03-AEMGlossary.PDF Australian Emergency Management Glossary, Emergency Management Australia (1998)]</ref>}} | ||
+ | <br /> | ||
+ | |||
==== Czech Republic ==== | ==== Czech Republic ==== | ||
− | {{definition| | + | {{definition|Vulnerability is a weak spot of an [[asset]] or control which can be made use of by a [[threat]].<ref>[http://www.govcert.cz/download/nodeid-1143/ Act No. 181 of 23 July 2014 On Cyber Security and Change of Related Acts (Act on Cyber Security)]</ref>}} |
Slabé místo aktiva nebo řízení, které může být využito hrozbou.<br /> | Slabé místo aktiva nebo řízení, které může být využito hrozbou.<br /> | ||
==== France ==== | ==== France ==== |
Revision as of 00:51, 24 May 2015
Contents
Definitions
European Definitions
Other International Definitions
NATO CEP / EAPC
UNISDR
There are many aspects of vulnerability, arising from various physical, social, economic, and environmental factors. Examples may include poor design and construction of buildings, inadequate protection of assets, lack of public information and awareness, limited official recognition of risks and preparedness measures, and disregard for wise environmental management.
Vulnerability varies significantly within a community and over time. This definition identifies vulnerability as a characteristic of the element of interest (community, system or asset) which is independent of its exposure. However, in common use the word is often used more broadly to include the element’s exposure.
National Definitions
Australia
Czech Republic
Slabé místo aktiva nebo řízení, které může být využito hrozbou.
France
Non-official translation: propensity of an environment, a good or a person to suffer from adverse consequences as a result of an event. It does not necessarily produce damage itself.
Kingdom of Saudi Arabia
Norway
Examples of special circumstances may be size, complexity, that many actors are involved, geographical spread, frequent changes and deferred location.
United States
DHS
NIST
The document provides several definitions.
Standard Definition
ISO 22300:2012(en)
ISO/IEC 27000:2014
See also
Notes
- ↑ EC COM(2006) 787 final, Directive of the Council on the identification and designation of European Critical Infrastructure and the assessment of the need to improve their protection, EC, Brussels 12.12.2006.
- ↑ NATO EAPC(SCEPC) lexicon 2003.
- ↑ 2009 UNISDR Terminology on Disaster Risk Reduction
- ↑ 4.0 4.1 Australian Emergency Management Glossary, Emergency Management Australia (1998)
- ↑ Act No. 181 of 23 July 2014 On Cyber Security and Change of Related Acts (Act on Cyber Security)
- ↑ INSTRUCTION GENERALE INTERMINISTERIELLE RELATIVE A LA SECURITE DES ACTIVITES D’IMPORTANCE VITALE N°6600/SGDSN/PSE/PSN du 7 janvier 2014, PREMIER MINISTRE, SECRETARIAT GENERAL DE LA DEFENSE ET DE LA SECURITE NATIONALE, Direction Protection et Sécurité de l’Etat N° NOR: PRMD1400503J
- ↑ Developing National Information Security Strategy for the Kingdom of Saudi Arabia NISS draft 7
- ↑ Nasjonal strategi for informasjonssikkerhet (2012)
- ↑ DHS Risk Lexicon 2010 Edition, September 2010
- ↑ NISTIR 7298 rev 2: Glossary of Key Information Security Terms, May 2013/NIST SP 800 series
- ↑ ISO 22300:2012(en) Societal security — Terminology
- ↑ ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary