Black Swan


A term popular in Business Continuity Management (BCM), based upon a book of the same name in which the author defines a black swan as an event that could not be predicted by normal scientific or probability methods. BCM professionals need to prepare for “black swan” events.

Source: BCI/DRJ

Auditor


Person with competence to conduct an audit.

Source: ASIS, ISO 9001:2000

Audit Trail


  1. A chronological record that reconstructs and examines the sequence of activities surrounding or leading to a specific operation, procedure, or event in a security relevant transaction from inception to final result.
  2. A record showing who has accessed an information technology (IT) system and what operations the user has performed during a given period.

Source: CNSSI-4009
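As an added illustration of the two senses in the CNSSI definition (this is example code written for this glossary page, not from CNSSI or any product), the following Python reconstructs one security-relevant transaction in chronological order from inception to final result, and separately reports who accessed the system and what they did within a given period. The log lines, the users, the field names (`user`, `op`, `obj`, `result`, `txn`) and the transaction-id convention are all constructed assumptions for the example; the records are deliberately listed out of order to show that a usable trail is reconstructed by timestamp, not by position in the file.

```python
"""Reconstruct an audit trail from a constructed key=value audit log.

Assumed record layout (an assumption for this example, not a real format):
    <ISO-8601 UTC timestamp> user=<actor> op=<operation> obj=<object>
    result=<SUCCESS|FAILURE|DENIED> txn=<transaction id>
"""
from collections import defaultdict
from datetime import datetime, timezone

# Constructed sample log. The T100 records are intentionally not in time order.
SAMPLE_LOG = """\
2024-03-01T09:14:03Z user=alice op=LOGIN obj=vpn result=SUCCESS txn=T100
2024-03-01T09:16:40Z user=alice op=READ obj=/finance/q1.xlsx result=SUCCESS txn=T100
2024-03-01T09:15:12Z user=alice op=ESCALATE obj=role:finance-admin result=SUCCESS txn=T100
2024-03-01T09:20:01Z user=bob op=LOGIN obj=vpn result=FAILURE txn=T101
2024-03-01T09:20:30Z user=bob op=LOGIN obj=vpn result=SUCCESS txn=T102
2024-03-01T09:21:05Z user=bob op=DELETE obj=/finance/q1.xlsx result=DENIED txn=T102
2024-03-01T09:18:00Z user=alice op=LOGOUT obj=vpn result=SUCCESS txn=T100
"""


def parse_ts(text):
    """Parse the assumed 'YYYY-MM-DDTHH:MM:SSZ' timestamp as an aware UTC datetime."""
    return datetime.strptime(text, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def parse_record(line):
    """Split one log line into a dict; the first token is the timestamp."""
    ts, *fields = line.split()
    rec = {"ts": parse_ts(ts)}
    for field in fields:
        key, _, value = field.partition("=")   # split on the first '=' only
        rec[key] = value
    return rec


def load(text):
    """Parse every non-blank line of the log into a list of records."""
    return [parse_record(line) for line in text.splitlines() if line.strip()]


def reconstruct_transaction(records, txn):
    """Sense 1: the chronological sequence of one transaction, inception to result.

    Returns a list of (timestamp, user, op, obj, result) tuples sorted by time,
    so the last tuple's result is the transaction's final outcome.
    """
    steps = sorted((r for r in records if r["txn"] == txn), key=lambda r: r["ts"])
    return [(r["ts"].isoformat(), r["user"], r["op"], r["obj"], r["result"]) for r in steps]


def activity_by_user(records, start_iso, end_iso):
    """Sense 2: who accessed the system and what they did in [start, end] (inclusive).

    Returns {user: ["OP obj -> RESULT", ...]} with each user's entries in time order.
    Failed and denied operations are kept: the trail must show attempts, not only
    successes, or an auditor cannot see who tried to do what.
    """
    start, end = parse_ts(start_iso), parse_ts(end_iso)
    activity = defaultdict(list)
    for r in sorted(records, key=lambda r: r["ts"]):
        if start <= r["ts"] <= end:
            activity[r["user"]].append(f"{r['op']} {r['obj']} -> {r['result']}")
    return dict(activity)


if __name__ == "__main__":
    recs = load(SAMPLE_LOG)
    for step in reconstruct_transaction(recs, "T100"):
        print(*step)
    for user, ops in activity_by_user(recs, "2024-03-01T09:00:00Z", "2024-03-01T09:21:00Z").items():
        print(user, ops)
```

The transaction view shows alice's escalation sitting between her login and her read of the finance file, which is the order-of-events question an investigator asks; the per-user view over a period is what an access review asks. Both depend on a trustworthy timestamp on every record, so an audit trail is only as good as the clock synchronisation and write-protection of the log store behind it.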

Audit


Formal inspection and verification to check whether a standard or set of guidelines is being followed, records are accurate, or efficiency and effectiveness targets are being met.

Scope Note: May be carried out by internal or external groups.

Source: ISACA

Acceptable Risk


The level of residual risk that has been determined to be a reasonable level of potential loss/disruption for a specific IT system.

Source: NIST 800-16

A level of residual risk to the organization’s operations, assets, or individuals that falls within the defined risk appetite and risk tolerance by the organization.

Source: NIST 800-16 r1

The level of potential losses that a society or community considers acceptable given existing social, economic, political, cultural, technical and environmental conditions.

UNISDR Editor’s Note: In engineering terms, acceptable risk is also used to assess and define the structural and non-structural measures that are needed in order to reduce possible harm to people, property, services and systems to a chosen tolerated level, according to codes or “accepted practice” which are based on known probabilities of hazards and other factors.

Source: UNISDR