|“||[t]he magnitude of harm that can be expected to result from the consequences of unauthorized disclosure of information, unauthorized modification of information, unauthorized destruction of information, or loss of information or information system availability.||”|
|“||[t]he effect on organizational operations, organizational assets, individuals, other organizations, or the Nation (including the national security interests of the United States) of a loss of confidentiality, integrity, or availability of information or an information system.||”|
|“||[t]he consequences of an incident on one or more assets constitute the impact (for instance personal data that are no longer accurate).||”|
- ↑ NIST Special Publication 800-60, Vol. I, Rev. 1, at A-4.
- ↑ NIST Special Publication 800-53, App. B, Glossary.
- ↑ Commission for the Protection of Privacy, Glossary (full-text).