ISO 22300:2021, Security and resilience – Vocabulary, is an international standard developed by ISO/TC 292 Security and resilience. The document defines terms used in security and resilience standards and includes 360 terms and definitions.[1][2][3] This edition was published at the beginning of 2021 and replaces the second edition from 2018.[4][5]

Scope and contents

ISO 22300:2018 contains definitions for the following terms:[6]

  • activity
  • affected area
  • after-action report
  • alert
  • all clear
  • all-hazards
  • alternate worksite
  • appropriate law enforcement and other government officials
  • area at risk
  • asset
  • attack
  • attribute data management system, ADMS
  • audit
  • auditor
  • authentic material good
  • authentication
  • authentication element
  • authentication function
  • authentication solution
  • authentication tool
  • authoritative source
  • authorized economic operator
  • automated interpretation
  • business continuity
  • business continuity management
  • business continuity management system, BCMS
  • business continuity plan
  • business continuity programme
  • business impact analysis
  • business partner
  • capacity
  • cargo transport unit
  • certified client
  • civil protection
  • client
  • closed-circuit television system, CCTV system
  • colour blindness
  • colour-code
  • command and control
  • command and control system
  • communication and consultation
  • community
  • community-based warning system
  • competence
  • conformity
  • consequence
  • contingency
  • continual improvement
  • conveyance
  • cooperation
  • coordination
  • correction
  • corrective action
  • counterfeit, verb
  • counterfeit good
  • countermeasure
  • covert authentication element
  • crisis
  • crisis management
  • crisis management team
  • critical control point, CCP
  • critical customer
  • critical product or service
  • critical supplier
  • criticality analysis
  • custodian copy
  • custody
  • disaster
  • disruption
  • document
  • documented information
  • downstream
  • drill
  • dynamic metadata
  • effectiveness
  • emergency
  • emergency management
  • entity
  • evacuation
  • evaluation
  • event
  • exercise
  • exercise annual plan
  • exercise coordinator
  • exercise programme
  • exercise programme manager
  • exercise project team
  • exercise safety officer
  • facility
  • false acceptance rate
  • false rejection rate
  • forensic
  • forensic analysis
  • full-scale exercise
  • functional exercise
  • geo-location
  • goods
  • hazard
  • hazard monitoring function
  • hue
  • human interpretation
  • human rights risk analysis, HRRA
  • identification
  • identifier
  • identity
  • impact
  • impact analysis
  • impartiality
  • improvisation
  • incident
  • incident command
  • incident management system
  • incident preparedness
  • incident response
  • information
  • infrastructure
  • inherently dangerous property
  • inject
  • inspector
  • inspector access history
  • integrated authentication element
  • integrity
  • interested party
  • internal attack
  • internal audit
  • international supply chain
  • interoperability
  • intrinsic authentication element
  • invocation
  • key performance indicator, KPI
  • less-lethal force
  • likelihood
  • logical structure
  • management
  • management plan
  • management system
  • management system consultancy and/or associated risk assessment
  • material good
  • material good life cycle
  • maximum acceptable outage, MAO
  • maximum tolerable period of disruption, MTPD
  • measurement
  • metadata
  • minimum business continuity objective, MBCO
  • mitigation
  • monitoring
  • mutual aid agreement
  • nonconformity
  • notification
  • object
  • object examination function, OEF
  • objective
  • observer
  • off-the-shelf authentication tool
  • on-line authentication tool
  • operational information
  • organization
  • organization in the supply chain
  • outsource, verb
  • overt authentication element
  • owner
  • participant
  • partnering
  • partnership
  • people at risk
  • performance
  • performance evaluation
  • personnel
  • planning
  • policy
  • preparedness
  • prevention
  • prevention of hazards and threats
  • preventive action
  • prioritized activity
  • private security service provider
  • probability
  • procedure
  • process
  • product or service
  • protection
  • public warning
  • public warning system
  • purpose-built authentication tool
  • record
  • recovery
  • recovery point objective, RPO
  • recovery time objective, RTO
  • requirement
  • residual risk
  • resilience
  • resource
  • response plan
  • response programme
  • response team
  • review
  • rights holder
  • risk
  • risk acceptance
  • risk analysis
  • risk appetite
  • risk assessment
  • risk communication
  • risk criteria
  • risk evaluation
  • risk identification
  • risk management
  • risk owner
  • risk reduction
  • risk register
  • risk sharing
  • risk source
  • risk tolerance
  • risk treatment
  • robustness
  • scenario
  • scene location
  • scope of exercise
  • scope of service
  • script
  • secret
  • security
  • security aspect
  • security cleared
  • security declaration
  • security management
  • security management objective
  • security management policy
  • security management programme
  • security management target
  • security operation
  • security operations management
  • security operations objective
  • security operations personnel
  • security operations policy
  • security operations programme
  • security personnel
  • security plan
  • security sensitive information
  • security threat scenario
  • self-defence
  • semantic interoperability
  • sensitive information
  • shelter in place, verb
  • specifier
  • stand-alone authentication tool
  • static metadata
  • strategic exercise
  • subcontracting
  • supply chain
  • supply chain continuity management, SCCM
  • syntactic interoperability
  • tamper evidence
  • target
  • target group
  • test
  • testing
  • threat
  • threat analysis
  • tier 1 supplier
  • tier 2 supplier
  • top management
  • track and trace
  • training
  • trusted query processing function, TQPF
  • trusted verification function, TVF
  • undesirable event
  • unique identifier, UID
  • upstream
  • use of force continuum
  • verification
  • vulnerability
  • vulnerable group
  • warning dissemination function
  • work environment
  • World Customs Organization, WCO

  • ISO 22301 Security and resilience – Business continuity management systems – Requirements

History

Year Description
2012 ISO 22300 (1st Edition)
2018 ISO 22300 (2nd Edition)
2021 ISO 22300 (3rd Edition)

References

  1. "Security and resilience — Vocabulary". iso.org. Retrieved 17 August 2023.
  2. "ISO 22300:2018". ISO. 12 July 2019.
  3. "Security and resilience -- Vocabulary". shop.standards.govt.nz.
  4. "BS EN ISO 22300:2018 - Security and resilience. Vocabulary". shop.bsigroup.com.
  5. "ISO 22300 Security and resilience - Vocabulary". www.din.de. Retrieved 2020-07-28.
  6. "Archived copy". Archived from the original on 2016-06-17. Retrieved 2019-05-07.

  • ISO 22300:2018 — Security and resilience — Vocabulary (Withdrawn, revised by ISO 22300:2021)
  • ISO 22300:2021 — Security and resilience — Vocabulary