Ver:

·         Valor

Componente o funcionalidad de un sistema de información susceptible de ser atacado deliberada o accidentalmente con consecuencias para la organización. Incluye: información, datos, servicios, aplicaciones (software), equipos (hardware), comunicaciones, recursos administrativos, recursos físicos y recursos humanos. [ENS:2010]

Componente o funcionalidad de un sistema de información susceptible de ser atacado deliberada o accidentalmente con consecuencias para la organización. Incluye: información, datos, servicios, aplicaciones (software), equipos (hardware), comunicaciones, recursos administrativos, recursos físicos y recursos humanos. [UNE-71504:2008]

(Estrategia del Servicio) Cualquier Recurso o Capacidad. Los Activos de un Proveedor de Servicio incluyen todo aquello que se pueda atribuir a la entrega del Servicio. Los Activos pueden ser de los siguientes tipos: Administrativos, Organizativos, de Proceso, de Conocimiento, Personas, Información, Aplicaciones, Infraestructura, y de Capital. [ITIL:2007]

Recursos del sistema de información o relacionados con éste, necesarios para que la Organización funcione correctamente y alcance los objetivos propuestos por su Dirección. [Magerit:2012]

Cualquier recurso que tenga valor para el organismo y que sea necesario para la realización de sus objetivos. Destacamos especialmente los elementos esenciales y las entidades que es conveniente proteger. [EBIOS:2005]

Cualquier cosa que tiene un valor. [Ribagorda:1997]

either tangible or intangible value that is worth protecting, including people, information, infrastructure finances and reputation infrastructure, finances and reputation

ISACA, Cybersecurity Glossary, 2014

anything that has value to an individual, an organization or a government. [ISO-27032:2012]

A major application, general support system, high impact program, physical plant, mission critical system, personnel, equipment, or a logically related group of systems. [CNSSI_4009:2010]

Something of either tangible or intangible value worth protecting, including people, information, infrastructure, finances and reputation. [RiskIT-PG:2009]

person, structure, facility, information, material, or process that has value

Extended Definition: includes: contracts, facilities, property, records, unobligated or unexpended balances of appropriations, and other funds or resources, personnel, intelligence, technology, or physical infrastructure, or anything useful that contributes to the success of something, such as an organizational mission; assets are things of value or properties to which value can be assigned; from an intelligence standpoint, includes any resource – person, group, relationship, instrument, installation, or supply – at the disposal of an intelligence organization for use in an operational or support role

Annotation: In some domains, capabilities and activities may be considered assets as well. In the context of the National Infrastructure Protection Plan, people are not considered assets.

DHS Risk Lexicon, September 2008

(I) A system resource that is (a) required to be protected by an information system's security policy, (b) intended to be protected by a countermeasure, or (c) required for a system's mission. [RFC4949:2007]

(Service Strategy) Any Resource or Capability. Assets of a Service Provider include anything that could contribute to the delivery of a Service. Assets can be one of the following types: Management, Organisation, Process, Knowledge, People, Information, Applications, Infrastructure, and Financial Capital. [ITIL:2007]

entities that the owner of the TOE presumably places value upon.

TOE - Target of Evaluation

[CC:2006]

Any resource of value to the organisation and necessary for achieving its objectives. There is an important distinction between essential elements and entities needing to be protected. [EBIOS:2005]

A component or part of the total system. Assets may be of four types: physical, application software, data, or end user services. [CRAMM:2003]

Something of value to the enterprise. [Octave:2003]

Any information resource with value that is worth protecting or preserving. [TDIR:2003]

information or resources to be protected by the technical and non-technical countermeasures of a TOE. [ITSEM:1993]

A physical item, informational item, or capability required by an organization to maintain productivity. Examples include a computer system, a customer database, and an assembly line.

http://www.symantec.com/avcenter/refa.html

A digitally connected asset; that is. an asset that is connected to a routable network or a Host. The term Cyber Asset is used within the NERC reliability standards. which defines a Cyber Asset as any Asset connected to a mutable network within a control system; any Asset connected to a routable network outside of the control system; and/or any Asset reachable via dial-up. [knapp:2014]

A critical cyber asset is a cyber asset that is itself responsible for per- forming a critical function, or directly impacts an asset that performs a critical function. The term “critical cyber asset" is used heavily within NERC reliability standards for Critical Infrastructure Protection. [knapp:2014]

A “critical digital asset" is a digitally connected asset that is itself responsible for performing a critical function, or directly impacts an asset that performs a critical function. The term "critical digital asset" is used heavily within NRC regulations and guidance documents. Also see: Critical Cyber Asset. [knapp:2014]

Programmable electronic devices, including the hardware, software, and data in those devices. [NERC:2014]

(Stratégie de Services) Toute ressource ou capacité. Les actifs d'un fournisseur de service regroupent tout ce qui peut contribuer à la fourniture d'un service. Les actifs peuvent appartenir à une des catégories suivantes: Gestion, Organisation, Processus, Compétences, Personnel, Informations, Applications, Infrastructure, et Capital financier. [ITIL:2007]

tout élément représentant de la valeur pour l'organisme.

Toute ressource qui a de la valeur pour l'organisme et qui est nécessaire à la réalisation de ses objectifs. On distingue notamment les éléments essentiels et les entités qu'il convient de protéger. [EBIOS:2005]