Security Glossary - T

This glossary has been created to assist security professionals in defining security terms commonly used by the profession and the industry, worldwide. It is a developing list that will be maintained, and where appropriate, modified, and changed over time. Terms borrowed from related fields, such as engineering, investigations, safety, etc. will be included when deemed necessary for the security professional.

REFERENCE NOTE

The definition's source is cited in brackets [ ] following the definition. View the key to all cited reference sources.

It is NOT our goal to publish this glossary in print since it is intended to be a current online reference (on the ASIS website) to serve the security professional on an ongoing basis.

 
A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z
 
  
Definition
tabletop exercise

​(1) A test method that presents a limited simulation of an emergency or crisis scenario in a narrative format in which participants review and discuss, not perform, the policy, methods, procedures, coordination, and resource assignments associated with plan activation.
[ASIS GDL TASR 04 2008] 

(2) A pre-scripted scenario using a test method that presents a limited simulation of an emergency or crisis scenario in a narrative format in which participants review and discuss, but not perform, the policy, methods, procedures, coordination, and resource assignments associated with plan activation.
[ASIS GDL BC 01 2005]

tailgating

​To follow closely.  In access control, the attempt by more than one individual to enter a controlled area by immediately following an individual with proper access.  Also called piggybacking.
[ASIS GDL FPSM-2009]

target

​A detailed performance requirement applicable to the organization (or parts thereof) that arises from the objectives and that needs to be set and met in order to achieve those objectives.
[ASIS SPC.1-2009]  [ANSI/ASIS PAP.1-2012] 
[ANSI/ASIS PSC.1-2012]

techical security

​Measures taken to identify, prevent or neutralize technical threats including electronic or electro-optic eavesdropping, wiretapping, bugging, signal intercept, covert/illicit surveillance, and attacks on Information Technology (IT) or telecommunications systems.
[ASIS GDL IAP 05 2007]

technical surveillance countermeasures (TSCM)

​Employment of services, equipment, and techniques designed to locate, identify, and neutralize the effectiveness of technical surveillance activities.
[ASIS GDL IAP 05 2007]

testing

(1) Evaluation of a resource to validate the achievement of objectives and aims.  See exercise.
 [ASIS/BSI BCM.01-2010]
(2) Activities performed to evaluate the effectiveness or capabilities of a plan relative to specified objectives or measurement criteria. Testing usually involves exercises designed to keep teams and employees effective in their duties and to reveal weaknesses in the Business Continuity Plan.
[ASIS GDL BC 01 2005]
(3) Activities performed to evaluate the effectiveness or capabilities of a plan relative to specified objectives or measurement criteria. Testing usually involves exercises designed to keep teams and employees effective in their duties, and to reveal weaknesses in the preparedness and response/continuity/recovery plans.
[ASIS GDL BC 01 2005]
[ANSI/ASIS PAP.1-2012]

threat

​(1) A potential cause of an unwanted incident, which may result in harm to individuals, assets, a system or organization, the environment, or the community.
[ASIS SPC.1-2009]  [ANSI/ASIS PAP.1-2012]
[ANSI/ASIS SCRM.1-2014]
(2) Any verbal or physical conduct that conveys an intent or is reasonably perceived to convey an intent to cause physical harm or to place someone in fear of physical harm.
[ASIS/SHRM WVPI.1-2011]
(3) An action or event that could result in a loss; an indication that such an action or event might take place.
[ASIS GDL FPSM-2009]
(4) An indication of something impending that could result in damage or injury. Threats may be deliberate or inadvertent.
[ASIS GDL PSO-2010]

threat analysis

​Process of identifying and quantifying the potential cause of an unwanted event, which may result in harm to individuals, assets, a system or organization, the environment, or the community.
[ANSI/ASIS PSC.1-2012]
Note 1:  Threats may be due to intentional, unintentional, or natural events.
Note 2:  The term hazard refers to a [dangerous] condition or threat that may increase the frequency or severity of a loss. [Adapted from the Risk Management Principles and Practices textbook published by The Institutes, www.theinstitutes.org.]
[ANSI/ASIS/RIMS RA.1-2015]

threat management team

(1) ​Synonymous with Incident Management Team and Case Management Team.  A multi-disciplinary group of personnel selected by an organization to receive, respond to, and resolve reports of problematic behavior made under the organization’s workplace violence prevention policy.
[ASIS/SHRM WVPI.1-2011]

(2) Refers to the personnel designated within an organization to receive, respond to, and resolve reported situations made under an organization’s workplace violence program.  Also termed an Incident Management Team.
[ASIS GDL WPV 09 2005]

throughput

​The average rate of flow of people or vehicles through an access point.
[ASIS GDL FPSM-2009]  [ANSI/ASIS PAP.1-2012]

tiers

​The degrees of separation or stages of nodes of businesses, organizations, and logistic channels that make up the supply chain network involved in the provision of products and services. 
Note 1:  Tier number begins at the organization conducting the supply chain analysis.  For example, a tier one company supplies products and services to the organization conducting the supply chain analysis; tier two companies supply companies in tier one; tier three supplies tier two, and so on.
Note 2:  Product and service flow between tiers can be either uni-directional or bi-directional.
[ANSI/ASIS SCRM.1-2014]

token

​An electronically encoded device (i.e., a card, key-fob, etc.) that contains information capable of being read by electronic devices placed within or at the entry and exit points of a protected facility.
[ASIS GDL FPSM-2009]

top management

(1) Directors, managers, and officers of an organization that can ensure effective management systems – including financial monitoring and control systems – have been put in place to protect assets, earning capacity, and the reputation of the organization.
[ASIS SPC.1-2009]

(2) Person or group of people who directs and controls an organization at the highest level.

  • Note: For example, directors, managers, and officers of an organization who can ensure effective management systems – including financial monitoring and control systems – have been put in place to protect assets, earning capacity, and the reputation of the organization.

[ANSI/ASIS SPC.1-2009]  [ANSI/ASIS PAP.1-2012]

(3) Person or group of people who directs and controls an organization at the highest level. [ISO 9000:2005]
[ANSI/ASIS SPC.4-2012]  [ANSI/ASIS PSC.1-2012]  [ANSI/ASIS PSC.2-2012] [ANSI/ASIS PSC.3-2013] [ANSI/ASIS PSC.4-2013]

(4) Person or group of people responsible and accountable for formulating organizational goals, objectives, strategies, policies, and/or allocating resources.
[ANSI/ASIS/RIMS RA.1-2015]

training

​An act, method, or process of instruction; to teach so as to make fit, qualified, or proficient.
[ASIS GDL PSO-2010]

Trusted Information Provider (TIP)
1) An authorized individual (or entity) working for or on behalf of the Federal Government other than for the ISP, who, consistent with the investigative requirements at each tier [of the federal investigative standards], corroborates and/or verifies subject data, regarding date and place of birth, citizenship, and education records. These individuals may include Federal Government and contractor employees or military personnel working in human resources or security offices or in equivalent organizations. (Joint Security Clearance Reform Team, ONCIX. (2013). Final TIS TIP Language)
[ASIS GDL PBSS-2015]​

2) An authorized individual or entity working for or on behalf of a company who corroborates and/or verifies Subject data, regarding date and place of birth, citizenship, education records, or employment records. For purposes of this document, a TIP may be considered a Consumer Reporting Agency under the FCRA; it is possible that a TIP may alternatively be considered a furnisher or an end-user as referenced in the FCRA unless otherwise exempted.
[ASIS GDL PBSS-2015]