Glossary I
- Information System Security ...
- IV
- IT
- Intranet
- Interface
- Individuals
- IA
- Identifiable Person
- Identification
- Identified Information
- Identifier
- Identity
- Identity Assurance Level ...
- Identity Provider (IdP)
- Identity Registration
- Identity Proofing
- Identity Token
- Identity Verification
- Image
- Impact
- IMAP
- IMEI
- Impact Level
- Impact Value
- Incident
- Incident Handling
- Incident Response
- Incident Response Plan
- Incineration
- Indirect Identifier
- Individual
- Individual Accountability
- IIHI
- Industrial Control System ...
- Inference
- Information
- Integrity
- Information Leakage
- Information Management Policy
- Information Owner
- Information Security Policy
- Internet
- Internet of Things

Information System Security Officer (ISSO)
See system security officer (SSO).See the following for more information:NIST SP 800-30 Rev. 1 under Information System Security OfficerNIST SP 800-39 under Information System Security ...
Individuals
An assessment object that includes people applying specifications, mechanisms, or activities.See the following under Individuals for more information.CNSSI 4009-2015 NIST SP 800-39.NIST SP 800-137 (NISTIR ...
Identifiable Person
One who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his ...
Identification
The process of discovering the true identity (i.e., origin, initial history) of a person or item from the entire collection of similar persons or items. See CNSSI ...
Identified Information
Information that explicitly identifies an individual See NISTIR 8053 for more information.
Identifier
Unique data used to represent a person’s identity and associated attributes. A name or a card number are examples of identifiers. See NIST SP 800-79-2 under Identifier and NIST SP ...
Identity Assurance Level (IAL)
A category that conveys the degree of confidence that the applicant’s claimed identity is their real identity. See NIST SP 800-63-3 for more information.
Identity Provider (IdP)
The party that manages the subscriber’s primary authentication credentials and issues assertions derived from those credentials. This is commonly the CSP as discussed within this ...
Identity Registration
The process of making a person’s identity known to the personal identity verification (PIV) system, associating a unique identifier with that identity, and collecting and ...
Identity Proofing
Verifying the claimed identity of an applicant by authenticating the identity source documents provided by the applicant. See NIST SP 800-79-2 for more information. The process by which a ...
Identity Token
Smart card, metal key, or other physical object used to authenticate identity. See CNSSI 4009-2015 for more information.
Identity Verification
The process of testing the media to ensure the information cannot be read. See NIST SP 800-88 Rev. 1 under Verification for more information. Confirmation, through the provision of objective ...
Impact Level
The magnitude of harm that can be expected to result from the consequences of unauthorized disclosure of information, unauthorized modification of information, unauthorized destruction of ...
Impact Value
The assessed potential impact resulting from a compromise of the confidentiality, integrity, or availability of information expressed as a value of low, moderate ...
Incident Handling
An IT security incident is an adverse event in a computer system or network caused by the failure of a security mechanism or an attempted ...
Incident Response
The mitigation of violations of security policies and recommended practices. See CNSSI 4009-2015 under incident handling (NIST SP 800-61 Rev. 2) for more information.
Incident Response Plan
The documentation of a predetermined set of instructions or procedures to detect, respond to, and limit consequences of a malicious cyber attacks against ...
Incineration
A physically Destructive method of sanitizing media; the act of burning completely to ashes. See NIST SP 800-88 Rev. 1 for more information.
Indirect Identifier
Information that can be used to identify an individual through association with other information.See NISTIR 8053 for more information.
Individual
A citizen of the United States or an alien lawfully admitted for permanent residence. Agencies may, consistent with individual practice, choose to extend the protections ...
Individual Accountability
Ability to associate positively the identity of a user with the time, method, and degree of access to an information system. See CNSSI 4009-2015 for more information.
Industrial Control System (ICS)
An information system used to control industrial processes such as manufacturing, product handling, production, and distribution. Industrial control systems include supervisory control and data acquisition ...
Information
An instance of an information type. See the following under Information for more details: NIST SP 800-53 Rev. 4(FIPS 199). FIPS 200 (FIPS 199). NIST SP 800-137 (FIPS 199). NIST ...
Information Leakage
The intentional or unintentional release of information to an untrusted environment. See NIST SP 800-53 Rev. 4 for more information.
Information Management Policy
The high-level policy of an organization that specifies what information is to be collected or created, and how it is to be managed. See NIST SP 800-152 for ...
Information Owner
Official with statutory or operational authority for specified information and responsibility for establishing the controls for its generation, classification, collection, processing, dissemination, and disposal. See ...
Information Security Policy
A high-level policy of an organization that is created to support and enforce portions of the organization’s Information Management Policy by specifying in more detail ...