The IT Law Wiki

Adequate security

31,938pages on
this wiki

Definition Edit

Adequate security is

security commensurate with the risk and the magnitude of harm resulting from the loss, misuse, or unauthorized access to or modification of information. This includes assuring that systems and applications used by the agency operate effectively and provide appropriate confidentiality, integrity, and availability, through the use of cost-effective management, personnel, operational, and technical controls.[1]
[A] set of minimum security requirements that the system is expected to meet.[2]

References Edit

  1. OMB Circular No. A-130, App. III, (A)(2)(a); NIST Special Publication 800-53; FIPS 200.
  2. Principles for Cybersecurity and Critical Infrastructure Protection, at 113.

Around Wikia's network

Random Wiki