Review Object

Definition(s)

Specific item being reviewed.

Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards
Requirement

Definition(s)

Need or expectation that is stated, generally implied or obligatory.
  • Note 1 to entry: “Generally implied” means that it is custom or common practice for the organization and interested parties that the need or expectation under consideration is implied.
  • Note 2 to entry: A specified requirement is one that is stated, for example in documented information.

Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards
Measurement Results

Definition(s)

One or more indicators and their associated interpretations that address an information need.

Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards
Measurement Method

Definition(s)

Logical sequence of operations, described generically, used in quantifying an attribute with respect to a specified scale. [SOURCE: ISO/IEC 15939:2007]
  • Note 1 to entry: The type of measurement method depends on the nature of the operations used to quantify an attribute. Two types can be distinguished:
    • subjective: quantification involving human judgment;
    • objective: quantification based on numerical rules.

Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards
Measurement Function

Definition(s)

Algorithm or calculation performed to combine two or more base measures. [SOURCE: ISO/IEC 15939:2007]

Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards
Measurement

Definition(s)

Process to determine a value.
  • Note 1 to entry: In the context of information security, the process of determining a value requires information about the effectiveness of an information security management system and its associated controls, using a measurement method, a measurement function, an analytical model, and decision criteria.

Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards
ISMS Project

Definition(s)

Structured activities undertaken by an organization to implement an ISMS.

Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards
Information System

Definition(s)

Applications, services, information technology assets, or other information handling components.

Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards
Information Sharing Community

Definition(s)

Group of organizations that agree to share information.
  • Note 1 to entry: An organization can be an individual.

Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards
Information Security Incident Management

Definition(s)

Processes for detecting, reporting, assessing, responding to, dealing with, and learning from information.

Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards
Information Security Incident

Definition(s)

Single or a series of unwanted or unexpected information security events that have a significant probability of compromising business operations and threatening information security.

Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards
Information Security Event

Definition(s)

Identified occurrence of a system, service or network state indicating a possible breach of information security policy or failure of controls, or a previously unknown situation that may be security relevant.

Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards
Information Security Continuity

Definition(s)

Processes and procedures for ensuring continued information security operations.

Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards
Information Security

Definition(s)

Preservation of confidentiality, integrity and availability of information.
  • Note 1 to entry: In addition, other properties, such as authenticity, accountability, non-repudiation, and reliability can also be involved.

Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards
Information Processing Facilities

Definition(s)

Any information processing system, service or infrastructure, or the physical location housing it.

Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards
Information Need

Definition(s)

Insight necessary to manage objectives, goals, risks and problems. [SOURCE: ISO/IEC 15939:2007]

Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards
Governing Body

Definition(s)

Person or group of people who are accountable for the performance and conformance of the organization.
  • Note 1 to entry: Governing body can in some jurisdictions be a board of directors.

Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards
Governance of Information Security

Definition(s)

System by which an organization’s information security activities are directed and controlled.

Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards
Executive Management

Definition(s)

Person or group of people who have delegated responsibility from the governing body for implementation of strategies and policies to accomplish the purpose of the organization.
  • Note 1 to entry: Executive management is sometimes called top management and can include Chief Executive Officers, Chief Financial Officers, Chief Information Officers, and similar roles.

Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards
Documented Information

Definition(s)

Information required to be controlled and maintained by an organization and the medium on which it is contained.
  • Note 1 to entry: Documented information can be in any format and media and from any source.
  • Note 2 to entry: Documented information can refer to
    • the management system, including related processes;
    • information created in order for the organization to operate (documentation);
    • evidence of results achieved (records).

Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards
Derived Measure

Definition(s)

Measure that is defined as a function of two or more values of base measures. [SOURCE: ISO/IEC 15939:2007]

Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards
Decision Criteria

Definition(s)

Thresholds, targets, or patterns used to determine the need for action or further investigation, or to describe the level of confidence in a given result. [SOURCE: ISO/IEC 15939:2007]

Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards
Control Objective

Definition(s)

Statement describing what is to be achieved as a result of implementing controls.

Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards
Continual Improvement

Definition(s)

Recurring activity to enhance performance.

Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards
Base Measure

Definition(s)

Measure defined in terms of an attribute and the method for quantifying it. [SOURCE: ISO/IEC 15939:2007]
  • Note 1 to entry: A base measure is functionally independent of other measures.

Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards
Analytical Model

Definition(s)

Algorithm or calculation combining one or more base measures and/or derived measures with associated decision criteria.

Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards
Willingness-to-pay

Definition(s)

Amount a person would be willing to pay, sacrifice, or exchange for a benefit.
Sample Usage: A survey estimated the public's willingness-to-pay in dollars for new security measures.

Source: DHS Risk Lexicon, U.S. Department of Homeland Security, 2010 Edition, September 2010. Regulatory Guidance
Willingness-to-accept

Definition(s)

Amount a person is willing to accept to forgo a benefit.
Sample Usage: Researchers designed a survey to estimate the willingness-to-accept dollar value travelers would require to compensate for time, convenience, and privacy potentially lost under a proposed security measure.

Source: DHS Risk Lexicon, U.S. Department of Homeland Security, 2010 Edition, September 2010. Regulatory Guidance
Vulnerability Assessment

Definition(s)

A product or process of identifying physical features or operational attributes that render an entity, asset, system, network, or geographic area susceptible or exposed to hazards.

Source: API RP 781, Security Plan Methodology for the Oil and Natural Gas Industries, 1st Ed., September 2016. Global Standards

Product or process of identifying physical features or operational attributes that render an entity, asset, system, network, or geographic area susceptible or exposed to hazards.

Source: API STANDARD 780, Security Risk Assessment Methodology for the Petroleum and Petrochemical Industries, First Edition, May 2013. Global Standards

Product or process of identifying physical features or operational attributes that render an entity, asset, system, network, or geographic area susceptible or exposed to hazards.
Sample Usage: The team conducted a vulnerability assessment on the ship to determine how it might be exploited or attacked by an adversary.
Annotation: Vulnerability assessments can produce comparable estimates of vulnerabilities across a variety of hazards or assets, systems, or networks.

Source: DHS Risk Lexicon, U.S. Department of Homeland Security, 2010 Edition, September 2010. Regulatory Guidance
Vulnerability (degree)

Definition(s)

Qualitative or quantitative expression of the level to which an entity, asset, system, network, or geographic area is susceptible to harm when it experiences a hazard.
Sample Usage: In developing the scenario, analysts sought to express the asset's vulnerability in the event of a particular type of attack.
Annotation: In calculating risk of an intentional hazard, the common measurement of vulnerability is the likelihood that an attack is successful, given that it is attempted.

Source: DHS Risk Lexicon, U.S. Department of Homeland Security, 2010 Edition, September 2010. Regulatory Guidance