Sikkerhetsmomenter

Sikkerhetsmomenter • Konfidensialitet • Integritet • Tilgjengelighet • Autentisering • Non-Repudiation (Uomtvistelig) • Sporbarhet

Ord og definisjoner • Risiko • Trussel • Sårbarhet • Tiltak (Sikring, Sikkerhetstiltak) • Eiendeler • Verdier • Beskyttelseskrav

Termer og definisjoner • Trussel: kilde eller situasjon som potensielt kan påføre organisasjonens eiendeler skade • Risiko: Sjansen for at noe skjer som kan ha påvirkning på ulike objekter, målt i sannsynlighet og konsekvens • Akseptabel risiko: Risiko redusert til et nivå som kan aksepteres av organisasjonen

Matrise for trusselvurdering

Matrise for risikovurdering

Exposure, likelihood (L) is specified from 1 to 3 where 1 is low (<30%), 2 is middle (30 –70%) and 3 is high (>70%) • Eksponering • Consequence (C) is specified when possible from 1 to 3 where 1 is low (of minor sighnificance), 2 is medium (impacts the result), and 3 is high (goal not achievable) • Konsekvens • Level of Threat ( T ) is Likelihood (L) ”multiplied” by Consequence (C). • Trusselnivå • Control Measures (M) specifies to which degree the measures described are considered effective. Low – Medium – High. • Kontrollmuligheter • The column for Risk Level (R) specifies the evaluation result as Low – Medium – High based on the scheme for Risk Assessment • Risikonivå

Exposure, likelihood (L) is specified from 1 to 3 where 1 is low (<30%), 2 is middle (30 –70%) and 3 is high (>70%) • Consequence (C) is specified when possible from 1 to 3 where 1 is low (of minor sighnificance), 2 is medium (impacts the result), and 3 is high (goal not achievable) • Level of Threat ( T ) is Likelihood (L) ”multiplied” by Consequence (C). • Control Measures (M) specifies to which degree the measures described are considered effective. Low – Medium – High. • The column for Risk Level (R) specifies the evaluation result as Low – Medium – High based on the scheme for Risk Assessment

Sikkerhetsmomenter

Sikkerhetsmomenter

Presentation Transcript