Security terms and definitions

Risk - the effect of uncertainty on the achievement
Risk management process - the systematic application of policies, procedures and management practices to the activities of communication, consultation and establishing the context, as well as to identifying, analysing, evaluating, treating, monitoring and reviewing risk
setting the context - defining internal and external parameters to be considered in risk management and determining the scope and risk criteria for policy on risk management
criteria for risk - terms of reference against which the significance of risk is assessed
Risk assessment - comprehensive process that includes risk identification, risk analysis and risk assessment
Risk analysis - the process of understanding the nature of the risk and determining the level of risk
Risk Matrix - a tool for classifying and displaying risks by defining categories of consequences and plausibility
acceptance of risk - informed decision to assume a certain risk
treating risk - risk modification process
Residual risk - risk remaining after risk treatment
Security - a situation in which you are protected against dangers and losses; it is obtained by reducing the adverse consequences associated with the intentional or irrational actions of others
Physical security - the security that provides both practical measures for preventing attackers from gaining access to objective information, and advice on resource and infrastructure design to resist hostile acts
Critical Infrastructure - an element, system or part thereof located in Member States which is essential for the maintenance of vital societal functions, health, safety, security, and the economic or social welfare of people, and the disruption or destruction of which would have a significant impact in a Member State as a result of the failure to maintain those functions
resilience - resilience of an organization in a complex and changing environment
information security - confidentiality, integrity and availability of information
Privacy - the property that information is not made available or disclosed to unauthorized persons, entities or processes
Integrity - the property of protecting the accuracy and completeness of resources
Availability - the property of being accessible and usable upon request by an authorized entity
Authenticity - the property that an entity is what it claims to be
Attack - attempt to destroy, expose, modify, disable, steal or gain unauthorized access or unauthorized use of a resource
threat - potential cause of an unwanted incident which may cause damage to a system or organization
vulnerability - weakness of a resource or means of control which can be exploited by a threat
Information security event - an identified occurrence of a state of a system, service or network indicating a potential violation of information security, a failure of the means of control, or a previously ignored situation which may be relevant in terms of security
information security incident - one or a series of unwanted or unexpected information security events having a significant probability of compromising business operations and threatening information security
impact - unfavorable change to the achieved business objectives
information security incident management - processes for detecting, reporting, evaluating and responding to information security incidents, treating them, and learning from them
continuity of business - processes and/or procedures to ensure continuous business operations
means of control / security measure - the means to manage risk, including policies, procedures, guidelines, practices or organizational structures that can be administrative, technical, management, or legal in nature
statement of applicability - documented statement describing the control objectives and the controls that are relevant and applicable to the organization's ISMS