| Permissible Values |
Theft/loss of assets |
|
|
|
| Account compromise |
|
|
|
| Phishing |
|
|
|
| Unauthorised access to information/systems |
|
|
|
| Unauthorised release of or disclosure of information |
|
|
|
| Malware infections |
|
|
|
| Ransomware infections |
|
|
|
| Intrusions against networks |
|
|
|
| Abuse of privileges |
|
|
|
| Unauthorised changes to information, applications, systems or hardware |
|
|
|
| Violation of information security policy |
|
|
|
| Suspicious system behaviour or failure (hardware/software) or communications) |
|
|
|
| Password confidentiality |
|
|
|
| Sabotage/physical damage |
|
|
|
| Other events |
|
|
|