Glossary of terms

  • Resilience of an information system Capacity of an information system to keep working in case of an attack, even in a degraded or weakened state, and to recover its operational capabilities and essential functions after the attack.
  • Risk Possibility that a concrete threat may exploit a vulnerability to cause a loss or damage in an information asset. Usually it is considered as a combination of the probability of an event and its consequences.  
  • Risk Management Systematic approach, based on the assessment of threats and vulnerabilities, for the determination of counter-measures necessary for the protection of information or services and resources that support it.