ISO 22300

ISO 22300:2021, Security and resilience – Vocabulary, is an international standard developed by ISO/TC 292 Security and resilience. It defines terms used in security and resilience standards and includes 360 terms and definitions. This edition was published at the beginning of 2021 and replaces the second edition from 2018.

Scope and contents
ISO 22300:2018 contains definitions for the following terms:


 * activity
 * affected area
 * after-action report
 * alert
 * all clear
 * all-hazards
 * alternate worksite
 * appropriate law enforcement and other government officials
 * area at risk
 * asset
 * attack
 * attribute data management system, ADMS
 * audit
 * auditor
 * authentic material good
 * authentication
 * authentication element
 * authentication function
 * authentication solution
 * authentication tool
 * authoritative source
 * authorized economic operator
 * automated interpretation
 * business continuity
 * business continuity management
 * business continuity management system, BCMS
 * business continuity plan
 * business continuity programme
 * business impact analysis
 * business partner
 * capacity
 * cargo transport unit
 * certified client
 * civil protection
 * client
 * closed-circuit television system, CCTV system
 * colour blindness
 * colour-code
 * command and control
 * command and control system
 * communication and consultation
 * community
 * community-based warning system
 * competence
 * conformity
 * consequence
 * contingency
 * continual improvement
 * conveyance
 * cooperation
 * coordination
 * correction
 * corrective action
 * counterfeit, verb
 * counterfeit good
 * countermeasure
 * covert authentication element
 * crisis
 * crisis management
 * crisis management team
 * critical control point, CCP
 * critical customer
 * critical product or service
 * critical supplier
 * criticality analysis
 * custodian copy
 * custody
 * disaster
 * disruption
 * document
 * documented information
 * downstream
 * drill
 * dynamic metadata
 * effectiveness
 * emergency
 * emergency management
 * entity
 * evacuation
 * evaluation
 * event
 * exercise
 * exercise annual plan
 * exercise coordinator
 * exercise programme
 * exercise programme manager
 * exercise project team
 * exercise safety officer
 * facility
 * false acceptance rate
 * false rejection rate
 * forensic
 * forensic analysis
 * full-scale exercise
 * functional exercise
 * geo-location
 * goods
 * hazard
 * hazard monitoring function
 * hue
 * human interpretation
 * human rights risk analysis, HRRA
 * identification
 * identifier
 * identity
 * impact
 * impact analysis
 * impartiality
 * improvisation
 * incident
 * incident command
 * incident management system
 * incident preparedness
 * incident response
 * information
 * infrastructure
 * inherently dangerous property
 * inject
 * inspector
 * inspector access history
 * integrated authentication element
 * integrity
 * interested party
 * internal attack
 * internal audit
 * international supply chain
 * interoperability
 * intrinsic authentication element
 * invocation
 * key performance indicator, KPI
 * less-lethal force
 * likelihood
 * logical structure
 * management
 * management plan
 * management system
 * management system consultancy and/or associated risk assessment
 * material good
 * material good life cycle
 * maximum acceptable outage, MAO
 * maximum tolerable period of disruption, MTPD
 * measurement
 * metadata
 * minimum business continuity objective, MBCO
 * mitigation
 * monitoring
 * mutual aid agreement
 * nonconformity
 * notification
 * object
 * object examination function, OEF
 * objective
 * observer
 * off-the-shelf authentication tool
 * on-line authentication tool
 * operational information
 * organization
 * organization in the supply chain
 * outsource, verb
 * overt authentication element
 * owner
 * participant
 * partnering
 * partnership
 * people at risk
 * performance
 * performance evaluation
 * personnel
 * planning
 * policy
 * preparedness
 * prevention
 * prevention of hazards and threats
 * preventive action
 * prioritized activity
 * private security service provider
 * probability
 * procedure
 * process
 * product or service
 * protection
 * public warning
 * public warning system
 * purpose-built authentication tool
 * record
 * recovery
 * recovery point objective, RPO
 * recovery time objective, RTO
 * requirement
 * residual risk
 * resilience
 * resource
 * response plan
 * response programme
 * response team
 * review
 * rights holder
 * risk
 * risk acceptance
 * risk analysis
 * risk appetite
 * risk assessment
 * risk communication
 * risk criteria
 * risk evaluation
 * risk identification
 * risk management
 * risk owner
 * risk reduction
 * risk register
 * risk sharing
 * risk source
 * risk tolerance
 * risk treatment
 * robustness
 * scenario
 * scene location
 * scope of exercise
 * scope of service
 * script
 * secret
 * security
 * security aspect
 * security cleared
 * security declaration
 * security management
 * security management objective
 * security management policy
 * security management programme
 * security management target
 * security operation
 * security operations management
 * security operations objective
 * security operations personnel
 * security operations policy
 * security operations programme
 * security personnel
 * security plan
 * security sensitive information
 * security threat scenario
 * self-defence
 * semantic interoperability
 * sensitive information
 * shelter in place, verb
 * specifier
 * stand-alone authentication tool
 * static metadata
 * strategic exercise
 * subcontracting
 * supply chain
 * supply chain continuity management, SCCM
 * syntactic interoperability
 * tamper evidence
 * target
 * target group
 * test
 * testing
 * threat
 * threat analysis
 * tier 1 supplier
 * tier 2 supplier
 * top management
 * track and trace
 * training
 * trusted query processing function, TQPF
 * trusted verification function, TVF
 * undesirable event
 * unique identifier, UID
 * upstream
 * use of force continuum
 * verification
 * vulnerability
 * vulnerable group
 * warning dissemination function
 * work environment
 * World Customs Organization, WCO

Related standards

 * ISO 22301 Security and resilience – Business continuity management systems – Requirements