Asset

From CIPedia
Jump to: navigation, search

Definitions

European Definitions

ENISA

Anything that has value to the organization, its business operations and their continuity, including Information resources that support the organization's mission. [1]

EU project

An asset is a CIP and CIP-related methodology, method, platform, test bed, infrastructure, research tool, technology, model, data source, report, and any other form of CIP- and modelling, simulation and analysis (MS&A) expertise. [2]


National Definitions

Australia

Asset: an item that has a value to an agency—including personnel, information and physical assets. [3]


Canada

A person, structure, facility, information, material or process that has value.

Personne, structure, installation, information, matériel ou processus ayant de la valeur. [4]

Czech Republic

Cokoliv, co má hodnotu pro jednotlivce, organizaci nebo veřejnou správu. [5]

Anything that has value to an individual, company or public administration. [6]


Kingdom of Saudi Arabia

Asset is a major application, general support system, high impact program, physical plant,mission critical system, personnel, equipment, or a logically related group of systems. [7]

United Arab Emirates

Asset: Any tangible or intangible value (people, property, information) to the organisation. [8]

United States

DHS
An assets is a person, structure, facility, information, material, or process that has value. [9]

NIST
A major application, general support system, high impact program, physical plant, mission critical system, personnel, equipment, or a logically related group of systems. [10]

US-CERT
Something of value to an organization; typically, people, information, technology, and facilities that the critical services relies on. [11]
One of the foundational principles of the CRR design is the idea that an organization deploys its assets (i.e., people, information, technology, and facilities) to support specific operational missions. Failure in any of these assets may result in a cascading impact on related business processes, services, and the organization’s mission.

Standard Definition

ISA-62443-*

Asset: physical or logical object having either a perceived or actual value to the IACS. [12]

ISO/IEC 27000:2012

Anything that has value to the organization. [13]

This definition has been removed in the revised version of the standard in 2014. [14]

IETF

A system resource that is (a) required to be protected by an information system's security policy, (b) intended to be protected by a countermeasure, or (c) required for a system's mission. [15]

See also

Notes

  1. ENISA Risk Glossary
  2. CIPRNet Deliverable D4.3
  3. Protective Security Policy Framework - Glossary Oct 2017
  4. Vocabulaire de la gestion des urgencies/Emergency Management Emergency Management Vocabulary 281 (2012)
  5. Výkladový slovník kybernetické bezpečnosti (2013)
  6. Cyber Security Explanatory Glossary (2013)
  7. Developing National Information Security Strategy for the Kingdom of Saudi Arabia NISS draft 7
  8. Abu Dhabi Safety and Security Planning Manual
  9. DHS Risk Lexicon 2010 Edition, September 2010
  10. NISTIR 7298 rev 2: Glossary of Key Information Security Terms, May 2013
  11. Cyber Resilience Review (CRR): Method Description and Self-Assessment User Guide (2016)
  12. ISA-62443 series
  13. ISO/IEC 27000:2012, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary
  14. ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary
  15. IETF RFC449 Internet Security Glossary 2