2.306 Control - Glosario

Un medio de gestión de Riesgo, asegurando que el Objetivo de Negocio es alcanzado, o asegurando que un Proceso es seguido. Ejemplos de Controles incluyen Políticas, Procedimientos, Roles, RAID, door-locks etc. Un control es llamado, algunas veces, Contramedida o medida de seguridad.

Control también es un medio de gestionar el uso o comportamiento de un Elemento de Configuración, Sistema o Servicio TI.

[ITIL:2007]

Control

Las políticas, procedimientos, prácticas y estructuras organizacionales diseñadas para proporcionar una garantía razonable de que los objetivos del negocio se alcanzarán y los eventos no deseados serán prevenidos o detectados. [COBIT:2006]

Control

1. Procedimiento empleado para garantizar que un sistema satisface los requi9sitos de seguridad establecidos en la correspondiente política.

2. Medidas utilizadas para contrarrestar las amenazas previstas.

[Ribagorda:1997]

(en) control

measure that is modifying risk [ISO Guide 73:2009]

NOTE 1: Controls include any process, policy, device, practice, or other actions which modify risk.

[ISO/IEC 27000:2014]

(en) control

measure that is modifying risk

NOTE 1. Controls include any process, policy, device, practice, or other actions which modify risk.

[ISO Guide 73:2009]

(en) security controls

The management, operational, and technical controls (i.e., safeguards or countermeasures) prescribed for an information system to protect the confidentiality, integrity, and availability of the system and its information. [CNSSI_4009:2010]

(en) security controls

(N) The management, operational, and technical controls (safeguards or countermeasures) prescribed for an information system which, taken together, satisfy the specified security requirements and adequately protect the confidentiality, integrity, and availability of the system and its information. [FP199] (See: security architecture.) [RFC4949:2007]

(en) Control

A means of managing a Risk, ensuring that a Business Objective is achieved, or ensuring that a Process is followed. Example Controls include Policies, Procedures, Roles, RAID, door-locks etc. A control is sometimes called a Countermeasure or safeguard.

Control also means to manage the utilization or behaviour of a Configuration Item, System or IT Service.

[ITIL:2007]

(en) Control

The policies, procedures, practices and organisational structures designed to provide reasonable assurance that the business objectives will be achieved and undesired events will be prevented or detected. [COBIT:2006]

(en) Security controls

(en) security control baseline

The set of minimum security controls defined for a low-impact, moderate-impact, or high-impact information system. [CNSSI_4009:2010]

(en) Security Control Baseline

The set of minimum security controls defined for a low-impact, moderate-impact, or high-impact information system. [FIPS-200:2006]

(en) Security Controls

The management, operational, and technical controls (safeguards or countermeasures) prescribed for an information system which, taken together, satisfy the systems specified security requirements and adequately protect the confidentiality, integrity, and availability of the system and its information. [NIST-SP800-60V2:2004]

(en) Security control

An administrative, operational, technical, physical or legal measure for managing security risk. This term is synonymous with safeguard.

http://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=16578

(en) Security Control Assessment

The testing and/or evaluation of the management, operational, and technical security controls in an information system to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system. [NIST-SP800-53:2013]

(en) security control assessment

The testing and/or evaluation of the management, operational, and technical security controls to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system or enterprise. [CNSSI_4009:2010]

(fr) Contrôle

Moyen permettant de gérer un risque, en sassurant que lobjectif business est atteint, ou en sassurant quun processus est suivi. Exemples de contrôles: Polices, Procédures, Rôles, RAID, verrous, etc. Un contrôle est parfois appelé contre-mesure ou mesure de sécurité.

Le terme contrôle signifie également un moyen de gérer lutilisation ou le comportement dun élément de configuration, dun système ou dun service des TI.

[ITIL:2007]

(fr) moyen de maîtrise

mesure qui modifie un risque

NOTE 1. Un moyen de maîtrise du risque inclut n'importe quels processus, politique, dispositif, pratique ou autres actions qui modifient un risque.

[ISO Guide 73:2009]

(fr) Contrôle

Dans le contexte de la sécurité ICT, le terme contrôle est habituellement considéré comme un synonyme de safeguard ou contre-mesure.

http://www.cases.public.lu/functions/glossaire/

(fr) Contrôle de sécurité

Mesure administrative, opérationnelle, technique, physique ou juridique visant à gérer les risques pour la sécurité. Cette expression est synonyme de protection.

http://www.tbs-sct.gc.ca/pol/doc-fra.aspx?id=16578

Temas relacionados

Términos