Global Standards

Security System

Definition(s)

Security System

A device or multiple devices designed, installed and operated to monitor, detect, observe, or communicate about activity that may pose a security threat.

Source: API RP 781 Security Plan Methodology for the Oil and Natural Gas Industries.1^st Ed. September 2016. Global Standards

Security Sweep

Definition(s)

Security Sweep

A walk-through to visually inspect the facility to identify unattended packages, briefcases, luggage, unauthorized persons, or other security breaches and determine that all restricted areas are secure.

Source: API RP 781 Security Plan Methodology for the Oil and Natural Gas Industries.1^st Ed. September 2016. Global Standards

Secure Area

Definition(s)

Secure Area

The area over which the owner/operator has implemented security measures for access control in accordance with the security plan.

Source: API RP 781 Security Plan Methodology for the Oil and Natural Gas Industries.1^st Ed. September 2016. Global Standards

Restricted Areas

Definition(s)

Restricted Areas

Locations that require limited access and a higher degree of security protection in accordance with the security plan. The entire facility may be designated the restricted area, as long as the entire facility is provided the appropriate level of security. Source: API RP 781 Security Plan Methodology for the Oil and Natural Gas Industries.1^st Ed. September 2016. Global Standards

Restricted Areas

An area containing systems or assets that, if compromised, would have a major adverse impact on people, the environment, assets, and economic stability.

Note: Restricted areas include control centre operations, security departments, and certain information technology areas.

Source: Canadian Standards Association, Z246.1-09, Security management for petroleum and natural gas industry systems, August 2009, Regional Standards

Owner/Operator

Definition(s)

Owner/Operator

Means any person or entity that owns or maintains operational control over any facility. Source: API RP 781 Security Plan Methodology for the Oil and Natural Gas Industries.1^st Ed. September 2016. Global Standards

Internet of things (IoT)

Definition(s)

Internet of things (IoT)

Means a peer-to-peer network of objects and things that can be sensed, controlled, and programmed, where everything is networked and capable of communicating to each other.

Source: API RP 781 Security Plan Methodology for the Oil and Natural Gas Industries.1^st Ed. September 2016. Global Standards

Facility Security Plan (FSP)

Definition(s)

Facility Security Plan (FSP)

The document developed to ensure the application of security measures.

Source: API RP 781 Security Plan Methodology for the Oil and Natural Gas Industries.1^st Ed. September 2016. Global Standards

Escorting

Definition(s)

Escorting

Ensuring the continuous monitoring through accompaniment or technical means, such as CCTV, in a manner sufficient to observe if the individual is engaged in unauthorized activities. Source: API RP 781 Security Plan Methodology for the Oil and Natural Gas Industries.1^st Ed. September 2016. Global Standards

Disparate Treatment

Definition(s)

Disparate Treatment

Intentional discrimination in employment if a covered employer uses criminal history information differently based on an applicant's or employee's race, national origin, or other protected trait. Source: API RP 781 Security Plan Methodology for the Oil and Natural Gas Industries.1^st Ed. September 2016. Global Standards

Disparate Impact Stability

Definition(s)

Disparate Impact Stability

Arises if an employer uniformly administers a criminal background check that disproportionately excludes people of a particular race, national origin, or other protected characteristic, and is not "job related for the position(s) in question and consistent with business necessity.

Source: API RP 781 Security Plan Methodology for the Oil and Natural Gas Industries.1^st Ed. September 2016. Global Standards

Dangerous Substances or Devices

Definition(s)

Dangerous Substances or Devices

Any material, substance, or item that reasonably has the potential to cause a security incident.

Source: API RP 781 Security Plan Methodology for the Oil and Natural Gas Industries.1^st Ed. September 2016. Global Standards

Critically

Definition(s)

Critically

Importance to a mission or function, or continuity of operations.

Source: API RP 781 Security Plan Methodology for the Oil and Natural Gas Industries.1^st Ed. September 2016. Global Standards

Breach of Security

Definition(s)

Breach of Security

An incident that has not resulted in security incident, in which security measures have been circumvented, eluded, or violated.

Source: API RP 781 Security Plan Methodology for the Oil and Natural Gas Industries.1^st Ed. September 2016. Global Standards

Countermeasures

Definition(s)

Countermeasures

Actions, measures, or devices intended to reduce an identified risk.

Source: API RP 781 Security Plan Methodology for the Oil and Natural Gas Industries.1^st Ed. September 2016. Global Standards

21st Century Security Strategy

Definition(s)

21st Century Security Strategy

The combined physical and logical/cyber governance strategies (principles, policies and controls) designed to safeguard the organization's assets, including its workforce, facilities, operations, equipment, technology, systems, communications, and information against threats and potential security events and to comply with regulatory frameworks.

Source: API RP 781 Security Plan Methodology for the Oil and Natural Gas Industries.1^st Ed. September 2016. Global Standards

Access Control Point

Definition(s)

Access Control Point

Means those control points that are used on a daily basis to control ingress/egress to the facility. Source: API RP 781 Security Plan Methodology for the Oil and Natural Gas Industries.1^st Ed. September 2016. Global Standards

Contraband Items Search

Definition(s)

Contraband Items Search

An unannounced search of personnel, their work areas, locker rooms, or vehicles for prohibited items.

Source: API RP 781 Security Plan Methodology for the Oil and Natural Gas Industries.1^st Ed. September 2016. Global Standards

Search for Cause

Definition(s)

Search for Cause

The search of a specific individual, their vehicle or their possessions, which is suspected of committing a violation of company policies. Source: API RP 781 Security Plan Methodology for the Oil and Natural Gas Industries.1^st Ed. September 2016. Global Standards

Gate Search

Definition(s)

Gate Search

The routine inspection of persons and vehicles entering or leaving the facility. Source: API RP 781 Security Plan Methodology for the Oil and Natural Gas Industries.1^st Ed. September 2016. Global Standards

Targeted Screen

Definition(s)

Targeted Screen

A criminal record review that considers the nature of the crime, the time elapsed since the offense, and the nature of the job.

Source: API RP 781 Security Plan Methodology for the Oil and Natural Gas Industries.1^st Ed. September 2016. Global Standards

Imminent Threat Level

Definition(s)

Imminent Threat Level

An alert level which warns of a credible, specific, and impending terrorist threat. Source: API RP 781 Security Plan Methodology for the Oil and Natural Gas Industries.1^st Ed. September 2016. Global Standards

Elevated Threat Level

Definition(s)

Elevated Threat Level

An alert level which indicates that there is a credible terrorist threat. Source: API RP 781 Security Plan Methodology for the Oil and Natural Gas Industries.1^st Ed. September 2016. Global Standards

Remote Access

Definition(s)

Remote Access

Use of systems that are inside the perimeter of the security zone being addressed from a different geographical location with the same rights as when physically present at the location. Source: DNVGL-RP-G108, Cyber security in the oil and gas industry based on IEC 62443, DNV GL, September 2017. Global Standards

Remote Access

Use of systems that are inside the perimeter of the security zone being addressed from a different geographical location with the same rights as when physically present at the location.

NOTE: The exact definition of “remote” can vary according to situation. For example, access may come from a location that is remote to the specific zone, but still within the boundaries of a company or organization. This might represent a lower risk than access that originates from a location that is remote and outside of a company’s boundaries

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Outsider

Definition(s)

Outsider

Person or group not trusted with inside access, who may or may not be known to the targeted organization.

Source: DNVGL-RP-G108, Cyber security in the oil and gas industry based on IEC 62443, DNV GL, September 2017. Global Standards

Outsider

Person or group not “trusted” with inside access, who may or may not be known to the targeted organization (See “insider”).

NOTE: Outsiders may or may not have been insiders at one time.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Defense in Depth

Definition(s)

Defense in Depth

The strategy of placing layers of increased protection between access points and critical assets, Source: API RP 781 Security Plan Methodology for the Oil and Natural Gas Industries.1^st Ed. September 2016. Global Standards

Defense in Depth

Provision of multiple security protections, especially in layers, with the intent to delay if not prevent an attack.

NOTE: Defense in depth implies layers of security and detection, even on single systems, and provides the following features:

attackers are faced with breaking through or bypassing each layer without being detected
a flaw in one layer can be mitigated by capabilities in other layers
system security becomes a set of layers within the overall network security.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Automated Vehicle

Definition(s)

Automated Vehicle

Mobile device that includes a control system allowing it to operate either autonomously or under remote control.

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard

Technical Authority

Definition(s)

Technical Authority

Competent and technically qualified person or organization with evidence to demonstrate the expertise, skills, and experience regarding design, quality, and manufacturing processes necessary to perform the required verification(s). Source: API STANDARD 16AR, Standard for Repair and Remanufacture of Drill-through Equipment, First Edition, April 2017. Global Standards

Technical Authority

A competent and technically qualified person or organization with evidence to demonstrate the expertise, skills, and experience regarding quality and manufacturing processes necessary to perform the required verification(s). Source: API Specification 20E, Alloy and Carbon Steel Bolting for Use in the Petroleum and Natural Gas Industries, Second Edition, February 2017. Global Standards

Raw Material

Definition(s)

Raw Material

Bar, coil, rod, or wire used to manufacture bolting.

Source: API Specification 20E, Alloy and Carbon Steel Bolting for Use in the Petroleum and Natural Gas Industries, Second Edition, February 2017. Global Standards

Production Lot

Definition(s)

Production Lot

Bolting of a single nominal diameter and grade made from the same heat lot.

Source: API Specification 20E, Alloy and Carbon Steel Bolting for Use in the Petroleum and Natural Gas Industries, Second Edition, February 2017. Global Standards

Manufacturing Process Specification

Definition(s)

Manufacturing Process Specification

A written document describing the complete production sequence and method.

NOTE: Manufacturing process specification is usually proprietary by manufacturer and not for general publication but is available for review by customers or authorized third parties.

Source: API Specification 20E, Alloy and Carbon Steel Bolting for Use in the Petroleum and Natural Gas Industries, Second Edition, February 2017. Global Standards

Live Search

Glossary

FAQ

Contribute

Definition(s)

Security System

Definition(s)

Security Sweep

Definition(s)

Secure Area

Definition(s)

Restricted Areas

Restricted Areas

Definition(s)

Owner/Operator

Definition(s)

Internet of things (IoT)

Definition(s)

Facility Security Plan (FSP)

Definition(s)

Escorting

Definition(s)

Disparate Treatment

Definition(s)

Disparate Impact Stability

Definition(s)

Dangerous Substances or Devices

Definition(s)

Critically

Definition(s)

Breach of Security

Definition(s)

Countermeasures

Definition(s)

21st Century Security Strategy

Definition(s)

Access Control Point

Definition(s)

Contraband Items Search

Definition(s)

Search for Cause

Definition(s)

Gate Search

Definition(s)

Targeted Screen

Definition(s)

Imminent Threat Level

Definition(s)

Elevated Threat Level

Definition(s)

Remote Access

Remote Access

Definition(s)

Outsider

Outsider

Definition(s)

Defense in Depth

Defense in Depth

Definition(s)

Automated Vehicle

Definition(s)

Technical Authority

Technical Authority

Definition(s)

Raw Material

Definition(s)

Production Lot

Definition(s)

Manufacturing Process Specification