Assets: Information, data or computational resources that have value and therefore

importance expressed in monetary or other terms.

Authentication: Verification of the authenticity of an entity, information or user

identity or role within the context of an IS.

Availability: means the capacity of an information system to perform a task under

defined conditions as regards schedules, deadlines and performance.

Breach: An event that affects one or more of the following properties: authenticity,
availability, confidentiality, integrity, validity.

Classification: the process of establishing the business impacts for the Commission
of a loss of confidentiality, integrity and availability of its information and of
synthesising these impacts in classification levels. The classification process is used
to classify all physical and logical assets based on the classification of the information
they are storing or processing.

Confidentiality: means the reserved character of information or of all or part of an

information system (such as algorithms, programmes and documentation) to which
access is limited to authorised persons, bodies and procedures.

Damage: The loss, partial or total, of the value of an asset.

EBIOS: (Expression des Besoins et Identification des Objectifs de Scurit Expression of Needs and Identification of Security Objectives) is a method for
analysis, evaluation and action on risks relating to information systems.