Ver:
Huella o señal que deja.
DRAE. Diccionario de la Lengua Española.
(Operación del Servicio) (Transición del Servicio) Una medida del efecto de un Incidente, Problema o Cambio en los Procesos de Negocio. El Impacto está a menudo basado en como serán afectados los Niveles de Servicio. El Impacto y la Urgencia se emplean para asignar la Prioridad. [ITIL:2007]
Consecuencia que sobre un activo tiene la materialización de una amenaza. [Magerit:2012]
Impacto remanente en el sistema tras la implantación de las salvaguardas determinadas en el plan de seguridad de la información. [Magerit:2012]
Consecuencia para el organismo de la materialización de una amenaza. [EBIOS:2005]
The magnitude of
harm that can be expected to result from the consequences of unauthorized disclosure
of information, unauthorized modification of information, unauthorized
destruction of information, or loss of information or information system
availability. [CNSSI_4009:2010]
The loss of
confidentiality, integrity, or availability that could be expected to have a
limited (low) adverse effect, a serious (moderate) adverse effect, or a severe
or catastrophic (high) adverse effect on organizational operations,
organizational assets, or individuals. [CNSSI_4009:2010]
(Service
Operation) (Service Transition) A measure of the effect of an Incident, Problem
or Change on Business Processes. Impact is often based on how Service Levels
will be affected. Impact and Urgency are used to assign Priority. [ITIL:2007]
The loss of
confidentiality, integrity, or availability could be expected to have: (i) a
limited adverse effect (FIPS 199 low); (ii) a serious adverse effect (FIPS 199
moderate); or (iii) a severe or catastrophic adverse effect (FIPS 199 high) on
organizational operations, organizational assets, or individuals. [FIPS 199]
evaluated
consequence of a particular outcome. [BS25999-1:2006]
Consequences for
an organisation when a threat is accomplished. [EBIOS:2005]
The magnitude of
harm that can be expected to result from the consequences of unauthorized
disclosure of information, unauthorized modification of information,
unauthorized destruction of information, or loss of information or information
system availability. [NIST-SP800-60V2:2004]
The effect of a
threat on an organization's mission and business objectives. [Octave:2003]
The effect on the
organisation of a breach in security. [CRAMM:2003]
The effect,
acceptable or unacceptable, of an incident on a system, operation, schedule, or
cost. Unacceptable impact is impact deemed, by the system owner and as compared
to the missions and goals of the U.S. Department of Defense (DOD), as severe
enough to degrade an essential mission, capability, function, or system causing
an unacceptable result. Like impact, unacceptable impact refers to the total
system and all areas of operational concern, not only confidentiality.
http://www.symantec.com/avcenter/refa.html
Impact is the
effect that the organization using vulnerable software faces if a vulnerability
were to be exploited. Impact could range from specific tangible values such as
monetary fines from the breach of a law or regulation to intangible values such
as brand and reputation damage.
https://buildsecurityin.us-cert.gov/daisy/bsi/articles/knowledge/attack/590-BSI.html
(Exploitation de
Services) (Transition de Services) Mesure de l'effet d'un incident, problème ou
changement sur les processus business. L'impact est souvent basé sur la manière
dont les niveaux de service seront affectés. L'impact et l'urgence servent à
assigner une priorité. [ITIL:2007]
Conséquence sur l'organisme de la réalisation d'une menace. [EBIOS:2005]
Une des composantes de
l'évaluation des risques est la mesure des impacts possibles. Il va de soi que
la dynamique des faiblesses d'un système d'information et de communication et
de son exploitation va engendrer une multitude d'impacts possibles et que la valeur
des éléments impliqués va permettre de définir le risque encouru.
Il faut, dans un
premier temps, faire une distinction entre les dégâts causés par un événement
et l'impact résultant de cet événement.
http://www.cases.public.lu/functions/glossaire/
Temas relacionados