expand for answer
IT-related risk
The net mission/business impact considering the probability that a particular threat source will exploit, or trigger, a particular information system vulnerability, and the resulting impact if this should occur. ITrelated risks arise from legal liability or mission/business loss due to, but not limited to, (1) unauthorized (malicious, nonmalicious, or accidental) disclosure, modification, or destruction of information; (2) nonmalicious errors and omissions; (3) IT disruptions due to normal or manmade disasters; (4) failure to exercise due care and diligence in the implementation and operation of the IT.
Similar items:
The probability that a particular threat agent will exploit, or trigger, a particular information system vulnerability and the resulting mission/business impact if this should occur. ISrelated risks arise from legal liability or mission/business loss due to (1) unauthorized (malicious, nonmalicious, or accidental) disclosure, modification, or destruction of information; (2) nonmalicious errors and omissions; (3) IS disruptions due to natural or manmade disasters; (4) failure to exercise due care and diligence in the implementation and operation of the IS.
[view]
[view]
Possibility that a particular threat will adversely impact an information system by exploiting a particular vulnerability. The likelihood that any specific threat will exploit a specific vulnerability to cause harm to an asset. Risk is an assessment of probability, possibility, or chance. Risk = threat - vulnerability. The probability that a particular security threat will exploit a particular vulnerability.
[view]
[view]
(1) Freedom from undesirable events, such as malicious and accidental misuse; how well a system resists penetrations by outsiders and misuse by insiders. (2) The protection of system resources from accidental or malicious access, use, modification, destruction, or disclosure. (3) The protection of resources from damage and the protection of data against accidental or intentional disclosure to unauthorized persons or unauthorized modifications or destruction. Security concerns transcend the boundaries of an automated system.
[view]
[view]
Protection of data from unauthorized (accidental or intentional) modification, destruction, or disclosure. The protection of data from accidental or malicious modification, destruction, or disclosure.
[view]
[view]
A program used to detect weaknesses within an organization. Vulnerability scans and vulnerability assessments are two common elements of a vulnerability management program. Vulnerability scans are technical scans performed regularly, and vulnerability assessments are normally combined with a risk assessment.
[view]
[view]
There are no comments yet.