Ver:
· Control
Medio
destinado a mejorar la seguridad, especificado para un requerimiento de
seguridad y que es necesario implementar para satisfacerla. Puede tratarse de
medidas de previsión o de preparación, de disuasión, protección, detección,
aislamiento, de "lucha", de recuperación, restauración,
compensación... [EBIOS:2005]
Procedimiento
o mecanismo tecnológico que reduce el riesgo. [Magerit:2012]
Práctica,
procedimiento o mecanismo que trata los riesgos. [UNE-71504:2008]
Protective
measures prescribed to meet the security requirements (i.e., confidentiality,
integrity, and availability) specified for an information system. Safeguards
may include security features, management constraints, personnel security, and
security of physical structures, areas, and devices. Synonymous with security
controls and countermeasures. [CNSSI_4009:2010]
A measure
designed to improve security, specified by a security requirement and
implemented to comply with it. The effect of the measures may be to anticipate,
prepare, dissuade, protect, detect, confine, combat, recover, restore,
compensate, etc. [EBIOS:2005]
Protective
measures prescribed to meet the security requirements (i.e., confidentiality,
integrity, and availability) specified for an information system. Safeguards
may include security features, management constraints, personnel security, and
security of physical structures, areas, and devices. [NIST-SP800-53:2013]
Administrative
actions and policies and procedures (1) to manage the selection, development,
implementation, and maintenance of security measures, and (2) to protect ePHI
and to manage the conduct of the Covered Components' workforce in relation to
the protection of ePHI.
http://www.hipaa.yale.edu/overview/glossary.html
are measures,
policies, and procedures to physically protect the Covered Components' Systems
and related buildings and equipment that contain ePHI, from natural and environmental
hazards and unauthorized intrusion.
http://www.hipaa.yale.edu/overview/glossary.html
are the
technology, and the policy and procedures for its use that protect electronic
protected health information and control access to it.
http://www.hipaa.yale.edu/overview/glossary.html
Moyen destiné à
améliorer la sécurité, spécifié par une exigence de sécurité et à mettre en
uvre pour la satisfaire. Il peut s'agir de mesures de prévision ou de
préparation, de dissuasion, de protection, de détection, de confinement, de
"lutte", de récupération, de restauration, de compensation... [EBIOS:2005]
Safeguard Les mesures
sécurité minimales approuvées et les contrôles qui, quand ils sont correctement
employés, permettent de prévenir et de réduire les risques d'exploitation de
vulnérabilités spécifiques qui pourraient compromettre un système IT.
MG02: A Guide to
Security Risk Management for Information Technology, CSE, 1996.
Temas relacionados