Business Resumption

 Definition(s):

The condition of a function, following its recovery, when it is ready to take on tasks and activities to meet new business obligations.

 Source: Singapore MAS

Business Recovery Timeline

 Definition(s):

The approved sequence of activities required to achieve stable operations following a business interruption. This timeline may range from minutes to weeks, depending upon the recovery requirements and methodology.

 Source: BCI/DRJ

Business Recovery

 Definition(s):

Steps taken to resume the business within an acceptable timeframe following a disruption.

Source: BCI/DRJ

Best Practice

 Definition(s):

Proven activities or processes that have been successfully used by multiple organizations.

 Source: ITIL

Backup facility

 Definition(s):

A redundant system or service that is kept available for use in case of a failure of a primary facility.

 Source: NIST

Backup

 Definition(s):

A process by which data, electronic or paper based, is copied in some form so as to be available and used if the original data from which it originated is lost, destroyed or corrupted.

 Source: BCI/DRJ

  1. A copy of files and programs made to facilitate recovery if necessary.
  2. A copy of key information to facilitate recovery during the cryptoperiod of the key, if necessary.
  3. To copy a key and/or metadata to a medium that is separate from that used for operational storage and from which the key and/or metadata can be recovered if the original values in operational storage are lost or modified.
  4. The process of copying information or processing status to a redundant system, service, device or medium that can provide the needed processing capability when needed.

 Source: NIST

Authority Having Jurisdiction

 Definition(s):

An organization, office, or individual responsible for enforcing the requirements of a code or standard, or for approving equipment, materials, an installation, or a procedure.

 Source: NFPA 1600

Authentication

 Definition(s):

The process of verifying the identity or other attributes claimed by or assumed of an entity (user, process, or device), or of verifying the source and integrity of data. NIST SP 800-53: Verifying the identity of a user, process, or device, often as a prerequisite to allowing access to resources in an information system.

 Source: DRI

Auditor

 Definition(s): 

Person with competence to conduct an audit.

 Source: ASIS, ISO 9001:2000

Audit Trail

 Definition(s):

  1. A chronological record that reconstructs and examines the sequence of activities surrounding or leading to a specific operation, procedure, or event in a security relevant transaction from inception to final result.
  2. A record showing who has accessed an information technology (IT) system and what operations the user has performed during a given period.

 Source: CNSSI-4009