prEN ISO 22300

SLOVENSKI STANDARD
01-november-2024
Varnost in vzdržljivost - Slovar (ISO/DIS 22300:2024)
Security and resilience - Vocabulary (ISO/DIS 22300:2024)
Sicherheit und Resilienz - Begriffe (ISO/DIS 22300:2024)
Sécurité et résilience - Vocabulaire (ISO/DIS 22300:2024)
Ta slovenski standard je istoveten z: prEN ISO 22300
ICS:
01.040.03 Storitve. Organizacija Services. Company
podjetja, vodenje in kakovost. organization, management
Uprava. Transport. and quality. Administration.
Sociologija. (Slovarji) Transport. Sociology.
(Vocabularies)
03.100.01 Organizacija in vodenje Company organization and
podjetja na splošno management in general
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

DRAFT
International
Standard
ISO/DIS 22300
ISO/TC 292
Security and resilience —
Secretariat: SIS
Vocabulary
Voting begins on:
Sécurité et résilience — Vocabulaire
2024-08-29
Voting terminates on:
ICS: 01.040.03; 03.100.01
2024-11-21
THIS DOCUMENT IS A DRAFT CIRCULATED
FOR COMMENTS AND APPROVAL. IT
IS THEREFORE SUBJECT TO CHANGE
AND MAY NOT BE REFERRED TO AS AN
INTERNATIONAL STANDARD UNTIL
PUBLISHED AS SUCH.
This document is circulated as received from the committee secretariat.
IN ADDITION TO THEIR EVALUATION AS
BEING ACCEPTABLE FOR INDUSTRIAL,
TECHNOLOGICAL, COMMERCIAL AND
USER PURPOSES, DRAFT INTERNATIONAL
STANDARDS MAY ON OCCASION HAVE TO
ISO/CEN PARALLEL PROCESSING
BE CONSIDERED IN THE LIGHT OF THEIR
POTENTIAL TO BECOME STANDARDS TO
WHICH REFERENCE MAY BE MADE IN
NATIONAL REGULATIONS.
RECIPIENTS OF THIS DRAFT ARE INVITED
TO SUBMIT, WITH THEIR COMMENTS,
NOTIFICATION OF ANY RELEVANT PATENT
RIGHTS OF WHICH THEY ARE AWARE AND TO
PROVIDE SUPPORTING DOCUMENTATION.
Reference number
ISO/DIS 22300:2024(en)
DRAFT
ISO/DIS 22300:2024(en)
International
Standard
ISO/DIS 22300
ISO/TC 292
Security and resilience —
Secretariat: SIS
Vocabulary
Voting begins on:
Sécurité et résilience — Vocabulaire
ICS: 01.040.03; 03.100.01 Voting terminates on:
THIS DOCUMENT IS A DRAFT CIRCULATED
FOR COMMENTS AND APPROVAL. IT
IS THEREFORE SUBJECT TO CHANGE
AND MAY NOT BE REFERRED TO AS AN
INTERNATIONAL STANDARD UNTIL
PUBLISHED AS SUCH.
IN ADDITION TO THEIR EVALUATION AS
BEING ACCEPTABLE FOR INDUSTRIAL,
© ISO 2024
TECHNOLOGICAL, COMMERCIAL AND
USER PURPOSES, DRAFT INTERNATIONAL
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
STANDARDS MAY ON OCCASION HAVE TO
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
This document is circulated as received from the committee secretariat. BE CONSIDERED IN THE LIGHT OF THEIR
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
POTENTIAL TO BECOME STANDARDS TO
WHICH REFERENCE MAY BE MADE IN
or ISO’s member body in the country of the requester.
NATIONAL REGULATIONS.
ISO copyright office
RECIPIENTS OF THIS DRAFT ARE INVITED
CP 401 • Ch. de Blandonnet 8
TO SUBMIT, WITH THEIR COMMENTS,
CH-1214 Vernier, Geneva
NOTIFICATION OF ANY RELEVANT PATENT
Phone: +41 22 749 01 11
RIGHTS OF WHICH THEY ARE AWARE AND TO
PROVIDE SUPPORTING DOCUMENTATION.
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland Reference number
ISO/DIS 22300:2024(en)
ii
ISO/DIS 22300:2024(en)
Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
3.1 Terms related to security and resilience .1
3.2 Terms related to risk .7
3.3 Terms related to management systems .11
Bibliography . 17
Index .18

iii
ISO/DIS 22300:2024(en)
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out through
ISO technical committees. Each member body interested in a subject for which a technical committee
has been established has the right to be represented on that committee. International organizations,
governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely
with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are described
in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the different types
of ISO documents should be noted. This document was drafted in accordance with the editorial rules of the
ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of any patent
rights identified during the development of the document will be in the Introduction and/or on the ISO list of
patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and expressions
related to conformity assessment, as well as information about ISO’s adherence to the World Trade
Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 292, Security and resilience.
This fourth edition cancels and replaces the third edition (ISO 22300:2021), which has been technically
revised. The main changes compared with the previous edition are as follows:
— removal of terms that are not commonly used across the portfolio of ISO/TC 292 standards and are very
specific to particular standards;
— definitions for some terms have been modified to be more generic and applicable across the portfolio of
ISO/TC 292 standards;
— inclusion of new terms and definitions from recent published documents and documents transferred to
ISO/TC 292;
— the structure of the document has been revised to make the document more concise and user friendly.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.html.

iv
ISO/DIS 22300:2024(en)
Introduction
This document defines generic terms related to security and resilience topics within the scope of ISO/TC 292.
It covers generic terms and definitions from the ISO 22300 series of standards as well as some documents in
the ISO 28000 series.
This document provides a common language profile to help facilitate a common understanding and to
maintain consistency of fundamental terminology across ISO/TC 292 documents.
Security and resilience topics cover a broad range of disciplines. In some circumstances, it can therefore
be necessary to supplement the vocabulary in this document. The generic terms and definitions in this
document may need to be clarified with the addition of notes to provide context or replaced by disciplinary-
specific terminology where appropriate.
This document can be applied as a reference by competent authorities, as well as by specialists involved
in standardization systems, to better and more accurately understand relevant text, correspondences and
communications.
v
DRAFT International Standard ISO/DIS 22300:2024(en)
Security and resilience — Vocabulary
1 Scope
This document defines terms used in security and resilience documents and other approved ISO/TC 292
standard deliverables.
2 Normative references
There are no normative references in this document.
3 Terms and definitions
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at https:// www .electropedia .org/
3.1 Terms related to security and resilience
3.1.1
acute shock
unexpected state or physical condition or event that suddenly occurs to a severe or intense degree with the
potential to have immediate but short-term impacts on resilience objectives
3.1.2
affected area
location that has been impacted by a disruptive event (3.1.33) (incident, accident, disaster)
3.1.3
after-action report
document that records, describes and analyses the actual event (3.1.33) or exercise (3.1.34), and derives
lessons from it
3.1.4
alert
notification that captures attention of people at risk (3.1.50) in a developing situation
3.1.5
all clear
message or signal that the situation has passed
3.1.6
all-hazards approach
comprehensive approach to emergency preparedness that ensures that organizational capabilities and
controls are designed and applied in such a way as to be able to respond to all types of disruptive events,
irrespective of their nature or cause
3.1.7
business continuity
capability of an organization (3.3.19) to continue the delivery of products and services within acceptable
time frames at predefined capacity during a disruption (3.1.26)

ISO/DIS 22300:2024(en)
3.1.8
business continuity management
process (3.3.30) of implementing and maintaining business continuity (3.1.7)
3.1.9
business continuity plan
documented information (3.3.8) that guides an organization (3.3.19) to respond to a disruption (3.1.26) and
resume, recover and restore the delivery of products and services consistent with its business continuity
(3.1.7) objectives (3.3.18)
3.1.10
business impact analysis
process (3.3.30) of analysing the impact (3.1.36) over time of a disruption (3.1.26) on the organization (3.3.19)
3.1.11
chronic stress
an unexpected state or physical condition or event that develops slowly with increasing intensity and
severity, that influences long-term impacts (3.1.36) on resilience (3.1.59) objectives (3.3.18)
3.1.12
civil protection
measures taken and systems implemented to preserve the lives and well-being of people, properties and
environment from undesired events
Note 1 to entry: Undesired events can include accidents, emergencies (3.1.30) and disasters (3.1.24).
3.1.13
civil society
wide range of individuals, groups of people, networks, movements, associations and organizations (3.3.19)
that manifest and advocate for the interests of their members and others
3.1.14
command and control
execution of authority and direction over assigned resources
Note 1 to entry: Command and control may be executed in the context of an emergency (3.1.30), crisis (3.1.24), disaster
(3.1.24), or other disruption (3.1.26), and for relief and recovery (3.1.56) activities.
Note 2 to entry: Control is used in some jurisdictions to refer to the overall direction of response activities and spans
across multiple organizations (3.1.19).
Note 3 to entry: Command is used in some jurisdictions to refer to the internal direction of resources within a single
organization (3.1.19).
3.1.15
command and control system
set of arrangements used to facilitate decisions and direct resources as part of the broader incident (3.1.38)
management approach
3.1.16
contingency
preparation for and handling of unwanted situations
3.1.17
cooperation
process (3.3.30) of working or acting together for common interests and values, based on agreement
3.1.18
coordination
process (3.3.30) of working or acting together in order to achieve a common objective (3.3.18)

ISO/DIS 22300:2024(en)
3.1.19
counterfeit, verb
simulate, reproduce or modify a material good (3.1.44) or its packaging without authorization
3.1.20
counterfeit good
material good (3.1.44
...