Glossary English

The Global Interagency Security Forum (GISF) developed this Glossary to facilitate a common understanding of terms frequently used in security risk management.

The terms and definitions have been drawn from a range of trusted resources, including GISF’s own publications. They have also been informed by a working group of GISF members.

The GISF Glossary is available in four languages: English, French, Spanish and Arabic. The site has been designed to enable easy navigation between terms in each language, supporting more consistent and accurate communication across language barriers.

The GISF Glossary is reviewed and updated regularly, to reflect new terms and changing definitions within the security risk management sector. If you have a term you would like to add to the Glossary or a suggested amendment, please contact us through our feedback form.

D

data back-ups

The process of duplicating and storing data from an organisation’s information systems in a secure location to protect against data loss, corruption, theft or damage. This practice ensures that data can be restored to its original state after a security incident, hardware failure, accidental deletion, or a natural disaster.

data destruction

The process of destroying data stored on hard disks and other forms of electronic media so that it is completely unreadable and cannot be accessed or used for unauthorised purposes (also referred to as data disposal or shredding). Security information management requires sensitive information to be clearly separated from routine information in case the destruction of data needs to be done quickly.
Related terms: cyber security, data back-ups

decision-making authority (DMA)

The individual(s) or group responsible for making strategic decisions and who are accountable for the success or failure of any actions. During a crisis the DMA is tasked with ensuring the crisis management team (CMT) is enabled to manage the incident effectively. They approve the incident management strategy but are not involved in the day-to-day management of the crisis.

detention

The process of holding a person/people against their will by an individual or group. While there may be no intention to cause harm, there is also no clear timeline or pre-condition for their release. Reasons for detention can range from a perceived crime or offence, documentation problems, unhappiness with an organisation or its programmes, to concerns for the ‘security’ of the detainees. A detention may become an arrest when formal charges are made by the detaining authority.
Related terms: arrest, kidnapping

deterrence strategy

A security strategy that involves reducing or removing threats by posing a counter-threat that will deter or influence aggressors. Examples include armed protection, diplomatic/political leverage, temporary suspension of activities or programme closure as a security strategy.

discrimination

The unfair or prejudicial treatment of individuals or groups based on protected characteristics such as ‘race’, ethnicity, gender, age, sexual orientation, disability, religion, or other personal attributes. It involves actions, policies, or practices that result in unequal opportunities or outcomes for certain groups, often perpetuating social inequality or exclusion.
Related terms: inclusion

diversity, equity and inclusion (DEI)

Refers to strategies and practices aimed at creating a workplace where diverse perspectives are valued, equitable opportunities are provided, and all individuals feel included and respected. It often entails establishing organisational policies, structures, systems and programmes that promote more diversity, equity and inclusion.
Related terms: discrimination, inclusion

duty of care

Duty of care is the moral and, in many cases, legal obligation of an employer to provide a reasonable standard of care towards its personnel, and to mitigate, or otherwise address all foreseeable risks that may harm or injure its employees, those acting on its behalf, or for whom it has a level of responsibility. Legal obligations will vary according to the jurisdiction of existing legislation and duty of care is not limited to contractual relations such as those between an employer and employee. The degree of responsibility an organisation has towards an individual can also be determined by the extent to which the organisation controls the working environment or activities. Duty of care obligations often extend to those acting on behalf of the organisation, including staff, volunteers, consultants, visitors, dependents, and in some cases affected populations.
Related terms: liability