Ver:
Huella o señal que deja.
DRAE. Diccionario de la Lengua Española.
(Operación del Servicio) (Transición del Servicio)
Una medida del efecto de un Incidente, Problema o Cambio en los Procesos de
Negocio. El Impacto está a menudo basado en como serán afectados los Niveles de
Servicio. El Impacto y la Urgencia se emplean para asignar la Prioridad.
[ITIL:2007]
Consecuencia que sobre un activo tiene la
materialización de una amenaza. [Magerit:2012]
Impacto remanente en el sistema tras la implantación
de las salvaguardas determinadas en el plan de seguridad de la información. [Magerit:2012]
Consecuencia para el organismo de la materialización
de una amenaza. [EBIOS:2005]
The magnitude of harm that
can be expected to result from the consequences of unauthorized disclosure of
information, unauthorized modification of information, unauthorized destruction
of information, or loss of information or information system availability. [CNSSI_4009:2010]
The loss of confidentiality,
integrity, or availability that could be expected to have a limited (low)
adverse effect, a serious (moderate) adverse effect, or a severe or
catastrophic (high) adverse effect on organizational operations, organizational
assets, or individuals. [CNSSI_4009:2010]
(Service Operation) (Service
Transition) A measure of the effect of an Incident, Problem or Change on
Business Processes. Impact is often based on how Service Levels will be
affected. Impact and Urgency are used to assign Priority. [ITIL:2007]
The loss of confidentiality,
integrity, or availability could be expected to have: (i) a limited adverse
effect (FIPS 199 low); (ii) a serious adverse effect (FIPS 199 moderate); or
(iii) a severe or catastrophic adverse effect (FIPS 199 high) on organizational
operations, organizational assets, or individuals. [FIPS 199]
evaluated consequence of a
particular outcome. [BS25999-1:2006]
Consequences for an
organisation when a threat is accomplished. [EBIOS:2005]
The magnitude of harm that
can be expected to result from the consequences of unauthorized disclosure of
information, unauthorized modification of information, unauthorized destruction
of information, or loss of information or information system availability. [NIST-SP800-60V2:2004]
The effect of a threat on an
organization's mission and business objectives. [Octave:2003]
The effect on the
organisation of a breach in security. [CRAMM:2003]
The effect, acceptable or unacceptable,
of an incident on a system, operation, schedule, or cost. Unacceptable impact
is impact deemed, by the system owner and as compared to the missions and goals
of the U.S. Department of Defense (DOD), as severe enough to degrade an
essential mission, capability, function, or system causing an unacceptable
result. Like impact, unacceptable impact refers to the total system and all
areas of operational concern, not only confidentiality.
http://www.symantec.com/avcenter/refa.html
Impact is the effect that
the organization using vulnerable software faces if a vulnerability were to be
exploited. Impact could range from specific tangible values such as monetary
fines from the breach of a law or regulation to intangible values such as brand
and reputation damage.
https://buildsecurityin.us-cert.gov/daisy/bsi/articles/knowledge/attack/590-BSI.html
(Exploitation de
Services) (Transition de Services) Mesure de l'effet d'un incident, problème ou
changement sur les processus business. L'impact est souvent basé sur la manière
dont les niveaux de service seront affectés. L'impact et l'urgence servent à
assigner une priorité. [ITIL:2007]
Conséquence sur
l'organisme de la réalisation d'une menace. [EBIOS:2005]
Une des composantes de
l'évaluation des risques est la mesure des impacts possibles. Il va de soi que
la dynamique des faiblesses d'un système d'information et de communication et
de son exploitation va engendrer une multitude d'impacts possibles et que la valeur
des éléments impliqués va permettre de définir le risque encouru.
Il faut, dans un
premier temps, faire une distinction entre les dégâts causés par un événement
et l'impact résultant de cet événement.
http://www.cases.public.lu/functions/glossaire/