AI Artificial Intelligence

APM Association for Project Management

BC Business Continuity

BCI Business Continuity Institute

BCM Business Continuity Management

BCP Business Continuity Plan

BCS BCS, The Chartered Institute for IT

BIA Business Impact Analysis

BR Business Resumption

BS British Standard

BSI British Standards Institution

BYOD Bring Your Own Device

CCP Certified Cyber Professional

CCTV Closed-Circuit Television

CD Compact Disc

CDPA Copyright, Designs and Patents Act 1988

CEO Chief Executive Officer

CIA Confidentiality, Integrity and Availability

CIISec Chartered Institute of Information Security

CMA Computer Misuse Act 1990

CMM Capability Maturity Model

CNSS Committee on National Security Systems

COMAH Control of Major Accident Hazards

DAS Direct Attached Storage

DCMS Department for Digital, Culture, Media and Sport

DDoS Distributed Denial of Service

DoS Denial of Service

DPA Data Protection Act 1998, 2018

DR Disaster Recovery

DVD Digital Versatile Disc

ENISA European Network and Information Security Agency

ERM Enterprise Risk Management

EU European Union

FAIR Factor Analysis of Information Risk

GCHQ Government Communications Headquarters

GDPR General Data Protection Regulation

GPG Good Practice Guidelines

HMG Her Majesty’s Government

HR Human Resources

HTML Hypertext Markup Language

IA Information Assurance

IASME Information Assurance for Small and Medium Sized Enterprises

ICT Information Communications and Technology

IEC International Electrotechnical Commission

IISP Institute of Information Security Professionals

IM Incident Management

IoT Internet of Things

IP Intellectual Property

IP Internet Protocol

IRM Institute of Risk Management

ISF Information Security Forum

ISMS Information Security Management System

ISO International Organization for Standardization

ISP Internet Service Provider

IT Information Technology

ITU International Telecommunication Union

LAN Local Area Network

MAO Maximum Acceptable Outage

MBCO Minimum Business Continuity Objective

MRI Magnetic Resonance Imaging

MTDL Maximum Tolerable Data Loss

MTPD Maximum Tolerable Period of Disruption

NAS Network Attached Storage

NCSC National Cyber Security Centre

NIST National Institute for Standards and Technology

NSA National Security Agency

OCTAVE Operationally Critical Threat, Asset, and Vulnerability Evaluation

PAS Publicly Available Specification

PCI DSS Payment Card Industry Data Security Standard

PDA Personal Digital Assistant

PDCA Plan-Do-Check-Act (aka the Deming Cycle)

PDSA Plan-Do-Study-Act

PIN Personal Identification Number

RAID Redundant Array of Inexpensive Disks

RIPA Regulation of Investigatory Powers Act 2000

RPO Recovery point objective

RTO Recovery time objective

SABSA Sherwood Applied Business Security Architecture

SAN Storage Area Networks

SFIA Skills Framework for the Information Age

SQL Structured Query Language

TLP Traffic Light Protocol

UPS Uninterruptible Power Supply

VLAN Virtual Local Area Network

VPN Virtual Private Network

WAP Wireless Access Point

Wi-Fi Wireless Fidelity