
ISO 22301 Clause 3: Terms and definitions


What will Requirement 3 of ISO 22301 help you achieve?

The standard talks in detail about security and resilience. It uses a wide range of terms: some are specialist technical terms, and others are common terms that have a specific meaning in a security and resilience context.

To help you understand them, it includes definitions of the 31 most important ones. It also points you towards “ISO 22300, Security and resilience – Vocabulary”, which lists and defines almost 300 security and resilience terms.

If you need to understand a term that isn’t listed here, you should check in ISO 22300 to see what it means. If a term is listed in this section, that definition replaces the one in ISO 22300.

You can also look online for term definitions. The standard recommends two sites:

Understanding these terms is very important, but if you’re not already an expert, they can be a little difficult to get to grips with.
If you choose to work with us, we’ll make sure you understand them. We explain them in our own support materials, and if you need more targeted help, we can either answer your questions ourselves or find the right independent partner to work with you.

ISO 22301:2019 Requirements

ISO 22301:2019 implements the framework, fundamental text and definitions of Annex L, formerly Annex SL. Annex L establishes a high-level framework for ISO management system standards. The Annex was drawn up to incorporate a similar core text and common terminology and concepts.

Except for Clause 8, the Annex L requirements address many of the same areas as the core requirements of ISO 27001, covered in Sections 4.1 through to 10.2.