Sun Nov 23 12:48:30 PST 2014

Overarching: Content: What content does the enterprise have and what are the consequences of protection failures?


Options:

Fill in the table by identifying relevant content types with examples and removing or replacing consequences identified.

Basis:

Different mechanisms have different implications in different situations in terms of the consequences of protection failures.

Typical consequences identified include:

For example, a temperature control system might have LOW consequences in a small automated photographic developing facility, a MEDIUM consequence in a food production facility (where redundant tests identify a "bad batch"), and HIGH consequences in a chemical plant where its failure causes a major explosion.

Typically, consequences resulting from information protection failures are associated with a loss of integrity (I), availability (A), confidentiality (C), control over use (U), accountability (T), transparency (R), and custody (S) in an information system, with the ultimate result leading to real-world effects through the impact of the failures on the control system.

Copyright(c) Fred Cohen, 1988-2015 - All Rights Reserved