Overarching: Content: What content does the enterprise have and what are the consequences of protection failures?Options:Fill in the table by identifying relevant content types with examples and removing or replacing consequences identified.Basis:Different mechanisms have different implications in different situations in terms of the consequences of protection failures. Typical consequences identified include:
For example, a temperature control system might have LOW consequences in a small automated photographic developing facility, a MEDIUM consequence in a food production facility (where redundant tests identify a "bad batch"), and HIGH consequences in a chemical plant where its failure causes a major explosion. Typically, consequences resulting from information protection failures are associated with a loss of integrity (I), availability (A), confidentiality (C), control over use (U), accountability (T), transparency (R), and custody (S) in an information system, with the ultimate result leading to real-world effects through the impact of the failures on the control system. |