AI Artificial Intelligence
APM Association for Project Management
BC Business Continuity
BCI Business Continuity Institute
BCM Business Continuity Management
BCP Business Continuity Plan
BCS BCS, The Chartered Institute for IT
BIA Business Impact Analysis
BR Business Resumption
BS British Standard
BSI British Standards Institution
BYOD Bring Your Own Device
CCP Certified Cyber Professional
CCTV Closed-Circuit Television
CD Compact Disc
CDPA Copyright, Designs and Patents Act 1988
CEO Chief Executive Officer
CIA Confidentiality, Integrity and Availability
CIISec Chartered Institute of Information Security
CMA Computer Misuse Act 1990
CMM Capability Maturity Model
CNSS Committee on National Security Systems
COMAH Control of Major Accident Hazards
DAS Direct Attached Storage
DCMS Department for Digital, Culture, Media and Sport
DDoS Distributed Denial of Service
DoS Denial of Service
DPA Data Protection Act 1998, 2018
DR Disaster Recovery
DVD Digital Versatile Disc
ENISA European Network and Information Security Agency
ERM Enterprise Risk Management
EU European Union
FAIR Factor Analysis of Information Risk
GCHQ Government Communications Headquarters
GDPR General Data Protection Regulation
GPG Good Practice Guidelines
HMG Her Majesty’s Government
HR Human Resources
HTML Hypertext Markup Language
IA Information Assurance
IASME Information Assurance for Small and Medium Sized Enterprises
ICT Information Communications and Technology
IEC International Electrotechnical Commission
IISP Institute of Information Security Professionals
IM Incident Management
IoT Internet of Things
IP Intellectual Property
IP Internet Protocol
IRM Institute of Risk Management
ISF Information Security Forum
ISMS Information Security Management System
ISO International Organization for Standardization
ISP Internet Service Provider
IT Information Technology
ITU International Telecommunication Union
LAN Local Area Network
MAO Maximum Acceptable Outage
MBCO Minimum Business Continuity Objective
MRI Magnetic Resonance Imaging
MTDL Maximum Tolerable Data Loss
MTPD Maximum Tolerable Period of Disruption
NAS Network Attached Storage
NCSC National Cyber Security Centre
NIST National Institute for Standards and Technology
NSA National Security Agency
OCTAVE Operationally Critical Threat, Asset, and Vulnerability Evaluation
PAS Publicly Available Specification
PCI DSS Payment Card Industry Data Security Standard
PDA Personal Digital Assistant
PDCA Plan-Do-Check-Act (aka the Deming Cycle)
PDSA Plan-Do-Study-Act
PIN Personal Identification Number
RAID Redundant Array of Inexpensive Disks
RIPA Regulation of Investigatory Powers Act 2000
RPO Recovery Point Objective
RTO Recovery Time Objective
SABSA Sherwood Applied Business Security Architecture
SAN Storage Area Networks
SFIA Skills Framework for the Information Age
SQL Structured Query Language
TLP Traffic Light Protocol
UPS Uninterruptible Power Supply
VLAN Virtual Local Area Network
VPN Virtual Private Network
WAP Wireless Access Point
Wi-Fi Wireless Fidelity