Medio
destinado a mejorar la seguridad, especificado para un requerimiento de
seguridad y que es necesario implementar para satisfacerla. Puede tratarse de
medidas de previsión o de preparación, de disuasión, protección, detección,
aislamiento, de "lucha", de recuperación, restauración,
compensación... [EBIOS:2005]
Procedimiento
o mecanismo tecnológico que reduce el riesgo. [Magerit:2012]
Práctica,
procedimiento o mecanismo que trata los riesgos. [UNE-71504:2008]
Protective measures
prescribed to meet the security requirements (i.e., confidentiality, integrity,
and availability) specified for an information system. Safeguards may include
security features, management constraints, personnel security, and security of
physical structures, areas, and devices. Synonymous with security controls and
countermeasures. [CNSSI_4009:2010]
A measure designed to
improve security, specified by a security requirement and implemented to comply
with it. The effect of the measures may be to anticipate, prepare, dissuade,
protect, detect, confine, combat, recover, restore, compensate, etc.
[EBIOS:2005]
Protective measures
prescribed to meet the security requirements (i.e., confidentiality, integrity,
and availability) specified for an information system. Safeguards may include
security features, management constraints, personnel security, and security of
physical structures, areas, and devices. [NIST-SP800-53:2013]
Administrative actions and
policies and procedures (1) to manage the selection, development,
implementation, and maintenance of security measures, and (2) to protect ePHI
and to manage the conduct of the Covered Components' workforce in relation to
the protection of ePHI.
http://www.hipaa.yale.edu/overview/glossary.html
are measures, policies, and
procedures to physically protect the Covered Components' Systems and related
buildings and equipment that contain ePHI, from natural and environmental
hazards and unauthorized intrusion.
http://www.hipaa.yale.edu/overview/glossary.html
are the technology, and the
policy and procedures for its use that protect electronic protected health
information and control access to it.
http://www.hipaa.yale.edu/overview/glossary.html
Moyen destiné à
améliorer la sécurité, spécifié par une exigence de sécurité et à mettre en
œuvre pour la satisfaire. Il peut s'agir de mesures de prévision ou de
préparation, de dissuasion, de protection, de détection, de confinement, de
"lutte", de récupération, de restauration, de compensation... [EBIOS:2005]
Safeguard Les mesures
sécurité minimales approuvées et les contrôles qui, quand ils sont correctement
employés, permettent de prévenir et de réduire les risques d'exploitation de
vulnérabilités spécifiques qui pourraient compromettre un système IT.
MG02: A Guide to Security
Risk Management for Information Technology, CSE, 1996.