Difference between revisions of "Vulnerability"

Revision as of 15:57, 10 August 2021

Definition

Vulnerability. A weakness, susceptibility or flaw of an asset or control that can be exploited by one or more threats. The degree to which a person, asset, process, information, infrastructure or other resources are exposed to the actions or effects of a risk, event or other occurrence. The conditions determined by physical, social, economic and environmental factors or processes which increase the susceptibility of an individual, a community, assets or systems to the impacts of hazards.

Reference

Adapted from CPMI-IOSCO and ISO/IEC 27000:2018
https://www.undrr.org/terminology/vulnerability

@@ Line 1: / Line 1: @@
 == Definition ==
-'''Vulnerability'''. A weakness, susceptibility or flaw of an asset or control that can be exploited by one or more threats. The degree to which a person, asset, process, information, infrastructure or other resources are exposed to the actions or effects of a risk, event or other occurrence.
+'''Vulnerability'''. A weakness, susceptibility or flaw of an asset or control that can be exploited by one or more threats. The degree to which a person, asset, process, information, infrastructure or other resources are exposed to the actions or effects of a risk, event or other occurrence. The conditions determined by physical, social, economic and environmental factors or processes which increase the susceptibility of an individual, a community, assets or systems to the impacts of hazards.
+== See Also ==
+* For positive factors which increase the ability of people to cope with hazards, see also the definitions of “Capacity” and “Coping Capacity”
 == Reference ==
 *  Adapted from CPMI-IOSCO and ISO/IEC 27000:2018
+* https://www.undrr.org/terminology/vulnerability
 [[Category:Cyber Risk]]
 [[Category:Business Impact Analysis]]