CHAPTER 3: DEFINITIONS

ISO27001 has specific definitions⁶ for key terms, and these are relevant to those involved in carrying out risk assessments.

Asset: anything that has value to the organization.

Availability: the property of being accessible and usable upon demand by an authorized entity.

Confidentiality: the property that information is not made available or disclosed to unauthorized individuals, entities or processes.

Control: means of managing risk, including policies, procedures, guidelines, practices or organizational structures, which can be of an administrative, technical, management or legal nature. Control is also used as a synonym for safeguard or countermeasure.

Information processing facilities: any information processing ...
