Tue Mar 10 20:41:42 PDT 2015

Overarching: Content: What content does the enterprise have and what are the consequences of protection failures?


Fill in the table by identifying relevant content types with examples and removing or replacing consequences identified.


Different mechanisms have different implications in different situations in terms of the consequences of protection failures.

Typical consequences identified include:

For example, a temperature control system might have LOW consequences in a small automated photographic developing facility, a MEDIUM consequence in a food production facility (where redundant tests identify a "bad batch"), and HIGH consequences in a chemical plant where its failure causes a major explosion.

Typically, consequences resulting from information protection failures are associated with a loss of integrity (I), availability (A), confidentiality (C), control over use (U), accountability (T), transparency (R), and custody (S) in an information system, with the ultimate result leading to real-world effects through the impact of the failures on the control system.

Copyright(c) Fred Cohen, 1988-2015 - All Rights Reserved