Ver:
· Valor
Componente o funcionalidad de un sistema de información susceptible de ser atacado deliberada o accidentalmente con consecuencias para la organización. Incluye: información, datos, servicios, aplicaciones (software), equipos (hardware), comunicaciones, recursos administrativos, recursos físicos y recursos humanos. [ENS:2010]
Componente o funcionalidad de un sistema de información susceptible de ser atacado deliberada o accidentalmente con consecuencias para la organización. Incluye: información, datos, servicios, aplicaciones (software), equipos (hardware), comunicaciones, recursos administrativos, recursos físicos y recursos humanos. [UNE-71504:2008]
(Estrategia del Servicio) Cualquier Recurso o Capacidad. Los Activos de un Proveedor de Servicio incluyen todo aquello que se pueda atribuir a la entrega del Servicio. Los Activos pueden ser de los siguientes tipos: Administrativos, Organizativos, de Proceso, de Conocimiento, Personas, Información, Aplicaciones, Infraestructura, y de Capital. [ITIL:2007]
Recursos del sistema de información o relacionados con éste, necesarios para que la Organización funcione correctamente y alcance los objetivos propuestos por su Dirección. [Magerit:2012]
Cualquier recurso que tenga valor para el organismo y que sea necesario para la realización de sus objetivos. Destacamos especialmente los elementos esenciales y las entidades que es conveniente proteger. [EBIOS:2005]
Cualquier cosa que tiene un valor. [Ribagorda:1997]
either tangible
or intangible value that is worth protecting, including people, information,
infrastructure finances and reputation infrastructure, finances and reputation
ISACA, Cybersecurity Glossary, 2014
anything that has value to an individual, an organization or a government. [ISO-27032:2012]
A major
application, general support system, high impact program, physical plant,
mission critical system, personnel, equipment, or a logically related group of
systems. [CNSSI_4009:2010]
Something of either tangible or intangible value worth protecting, including people, information, infrastructure, finances and reputation. [RiskIT-PG:2009]
person,
structure, facility, information, material, or process that has value
Extended
Definition: includes: contracts, facilities, property, records, unobligated or
unexpended balances of appropriations, and other funds or resources, personnel,
intelligence, technology, or physical infrastructure, or anything useful that
contributes to the success of something, such as an organizational mission;
assets are things of value or properties to which value can be assigned; from
an intelligence standpoint, includes any resource person, group,
relationship, instrument, installation, or supply at the disposal of an
intelligence organization for use in an operational or support role
Annotation: In
some domains, capabilities and activities may be considered assets as well. In
the context of the National Infrastructure Protection Plan, people are not
considered assets.
DHS Risk Lexicon,
September 2008
(I) A system resource that is (a) required to be protected by an information system's security policy, (b) intended to be protected by a countermeasure, or (c) required for a system's mission. [RFC4949:2007]
(Service Strategy) Any Resource or Capability. Assets of a Service Provider include anything that could contribute to the delivery of a Service. Assets can be one of the following types: Management, Organisation, Process, Knowledge, People, Information, Applications, Infrastructure, and Financial Capital. [ITIL:2007]
entities that the
owner of the TOE presumably places value upon.
TOE - Target of
Evaluation
[CC:2006]
Any resource of value to the organisation and necessary for achieving its objectives. There is an important distinction between essential elements and entities needing to be protected. [EBIOS:2005]
A component or
part of the total system. Assets may be of four types: physical, application
software, data, or end user services. [CRAMM:2003]
Something of
value to the enterprise. [Octave:2003]
Any information resource with value that is worth protecting or preserving. [TDIR:2003]
information or resources to be protected by the technical and non-technical countermeasures of a TOE. [ITSEM:1993]
A physical item,
informational item, or capability required by an organization to maintain
productivity. Examples include a computer system, a customer database, and an
assembly line.
http://www.symantec.com/avcenter/refa.html
A digitally
connected asset; that is. an asset that is connected to a routable network or a
Host. The term Cyber Asset is used within the NERC reliability standards. which
defines a Cyber Asset as any Asset connected to a mutable network within a
control system; any Asset connected to a routable network outside of the
control system; and/or any Asset reachable via dial-up. [knapp:2014]
A critical cyber
asset is a cyber asset that is itself responsible for per- forming a critical
function, or directly impacts an asset that performs a critical function. The term
critical cyber asset" is used heavily within NERC reliability standards
for Critical Infrastructure Protection. [knapp:2014]
A critical
digital asset" is a digitally connected asset that is itself responsible
for performing a critical function, or directly impacts an asset that performs
a critical function. The term "critical digital asset" is used
heavily within NRC regulations and guidance documents. Also see: Critical Cyber
Asset. [knapp:2014]
Programmable
electronic devices, including the hardware, software, and data in those
devices. [NERC:2014]
(Stratégie de Services)
Toute ressource ou capacité. Les actifs d'un fournisseur de service regroupent
tout ce qui peut contribuer à la fourniture d'un service. Les actifs peuvent
appartenir à une des catégories suivantes: Gestion, Organisation, Processus,
Compétences, Personnel, Informations, Applications, Infrastructure, et Capital
financier. [ITIL:2007]
tout élément
représentant de la valeur pour l'organisme.
Toute ressource qui a de la valeur pour l'organisme et qui est nécessaire à la réalisation de ses objectifs. On distingue notamment les éléments essentiels et les entités qu'il convient de protéger. [EBIOS:2005]
Temas relacionados