An Introduction To
Information, Network and Internet Security


Glossary

Terms below are in alphabetical order, not in the order in which they are met in the text:

 

| Acronym | Meaning |
|---|---|
| ALE | Annual Loss Expectancy |
| ARO | Annual Rate of Occurrence |
| AS/NZS 4360 | Australian and New Zealand Risk Standard |
| AS/NZS 4444 | The Australian and New Zealand version of BS 7799 |
| AS/NZS 7799 | Replacement for AS/NZS 4444 aligned with ISO 2700x |
| AV | Asset Value |
| BCP | Business Continuity Plan |
| BIA | Business Impact Analysis |
| BS 7799 Part 2 | Specification for Information Security Management |
| CAP | Corrective Action Plan |
| CCTV | Closed Circuit Television |
| CRAMM | CCTA Risk Assessment Management Methodology |
| D & O | Directors and Officers |
| DRP | Disaster Recovery Plan |
| E & O | Errors and Omissions |
| EA/7-03 | Guidelines for Accreditation of Bodies Operating Certification / Registration of Information Security Management Systems |
| EEA | European Economic Area |
| FIRM | Fundamental Information Risk Management |
| FRAP | Facilitated Risk Analysis Process |
| IPR | Intellectual Property Rights |
| ISMS | Information Security Management System (Part of BS 7799 Part 2 and ISO 27001) |
| ISO 27002 | Code of Practice for Information Security Management |
| ISO 27001 | Replacement for BS 7799 Part 2 |
| ISO 27002 | ISO 27002 (latterly BS 7799 Part 1) |
| ISO 27003 | Risk management standard |
| ISO 27004 | ISMS measurement and metrics standard |
| ISO 27005 | ISMS implementation guidance |
| ISO 27006 | Replacement for EA/7-03 |
| ISO Guide 73 | ISO Guide for Risk Management - Vocabulary - Guideline for use in standards |
| IT | Information Technology |
| KPI | Key Point Indicator |
| PC | Personal Computer |
| R & D | Research and Development |
| RA | Risk Assessment |
| RA2 | Risk Assessment tool No 2 |
| ROSI | Return On Security Investment |
| SARA | Simple to Apply Risk Assessment |
| SLE | Single Loss Expectancy |
| SoA | Statement of Applicability (Part of BS 7799 Part 2 and ISO 27001) |
| SOP | Standard Operating Procedure |
| SPRINT | Simplified Process for Risk Identification |
| UK | United Kingdom |
| UKAS | United Kingdom Accreditation Service |
| UPS | Uninterruptible Power Supply |
| URL | Uniform Resource Locator |

 



The Security Practitioner

An Introduction to Information Security