分享
ASTM_E_2674_-_09.pdf
下载文档

ID:171711

大小:81.75KB

页数:4页

格式:PDF

时间:2023-03-04

收藏 分享赚钱
温馨提示:
1. 部分包含数学公式或PPT动画的文件,查看预览时可能会显示错乱或异常,文件下载后无此问题,请放心下载。
2. 本文档由用户上传,版权归属用户,汇文网负责整理代发布。如果您对本文档版权有争议请及时联系客服。
3. 下载前请仔细阅读文档内容,确认文档内容符合您的需求后进行下载,若出现内容与标题不符可向本站投诉处理。
4. 下载文档时可能由于网络波动等原因无法下载或下载错误,付费完成后未能成功下载的用户请联系客服处理。
网站客服:3074922707
TM_E_2674_ _09
Designation:E 2674 09Standard Practice forAssessment of Impact of Mobile Data Storage Device(MDSD)Loss1This standard is issued under the fixed designation E 2674;the number immediately following the designation indicates the year oforiginal adoption or,in the case of revision,the year of last revision.A number in parentheses indicates the year of last reapproval.Asuperscript epsilon()indicates an editorial change since the last revision or reapproval.1.Scope1.1 This practice describes a methodology for assessing andquantifying the impact of the loss of mobile data storagedevices(MDSDs),for example,thumb drives,auxiliary harddrives,and other property containing personally identifiableinformation or other entity sensitive information.1.2 This practice is based on two concepts:1.2.1 Identifying the MDSDs that pose the greatest risk tothe organization based on both the information that is stored onthem and the location in which they are used,and1.2.2 Determining the impact of the potential loss of spe-cific MDSDs.In general,this impact assessment is bestpracticed as a part of a larger risk management process.Whilethis practice does not address this larger topic,it may informother risk management standards.1.3 This practice is intended to be applicable and appropri-ate for all asset-holding entities.1.4 In accordance with the provisions of Practice E 2279,this practice clarifies and enables effective and efficient controland tracking of equipment.1.5 This standard does not purport to address all of thesafety concerns,if any,associated with its use.It is theresponsibility of the user of this standard to establish appro-priate safety and health practices and determine the applica-bility of regulatory limitations prior to use.2.Referenced Documents2.1 ASTM Standards:2E 2135 Terminology for Property and Asset ManagementE 2279 Practice for Establishing the Guiding Principles ofProperty ManagementE 2452 Practice for Equipment Management Process Matu-rity(EMPM)ModelE 2495 Practice for Prioritizing Asset Resources in Acqui-sition,Utilization,and DispositionE 2499 Practice for Classification of Equipment PhysicalLocation InformationE 2608 Practice for Equipment Control Matrix(ECM)3.Terminology3.1 DefinitionsFor definitions relating to property andasset management,refer to Terminology E 2135.3.1.1 compliance impact,nconsequence of loss of controlcharacterized by negative compliance with applicable laws,regulations,or other relevant internal or external guidance thatdoes not rise to the level of an operational impact.(E 2608)3.1.2 consequence,nthe effect of actions(something thatlogically or naturally follows from an action or condition).3.1.3 equipment control classes(ECCs),nclassificationsor groupings of equipment based on the consequences of theloss of control of the equipment.(E 2608)3.1.4 operational impact,nconsequence of loss of controlcharacterized by negative operational impact that does not riseto the level of a personal or societal safety or security impact.(E 2608)3.1.5 organizational impact,nobjects that affect or influ-ence the capability of an entity,especially in a significant orundesirable manner.3.1.6 personalsafety/securityconsequence,nconsequence of loss of control characterized by negativepersonal safety or security impact that does not rise to the levelof a societal safety or security impact.(E 2608)3.1.7 probability,nor chance that something is the case orwill happen.3.1.8 risk,nconcept that denotes a potential negativeimpact.3.1.9 risk assessment,ndetermination of the quantitativeor qualitative value of risk related to a concrete situation and arecognized threat.3.1.9.1 DiscussionIt is considered as the initial and arecurring step in a risk management process.1This practice is under the jurisdiction of ASTM Committee E53 on PropertyManagement Systems and is the direct responsibility of Subcommittee E53.02 onData Management.Current edition approved Feb.1,2009.Published February 2009.2For referenced ASTM standards,visit the ASTM website,www.astm.org,orcontact ASTM Customer Service at serviceastm.org.For Annual Book of ASTMStandards volume information,refer to the standards Document Summary page onthe ASTM website.1Copyright ASTM International,100 Barr Harbor Drive,PO Box C700,West Conshohocken,PA 19428-2959,United States.Copyright ASTM International Provided by IHS under license with ASTM Licensee=Ohio State University/5967164005 Not for Resale,03/10/2012 21:49:14 MSTNo reproduction or networking permitted without license from IHS-,-,-3.1.10 risk management,nstructured approach to manag-ing uncertainty through risk assessment,developing strategiesto manage it,and mitigation of risk using managerial resources.3.1.10.1 DiscussionThe strategies include transferring therisk to another party,avoiding the risk,reducing the negativeeffect of the risk,and accepting some or all of the conse-quences of a particular risk.3.1.11 societalsafety/securityconsequence,nconsequence of loss of control characterized by n

此文档下载收益归作者所有

下载文档
你可能关注的文档
收起
展开