Jump to Navigation


Glossary beginning with S

Click one of the letters above to go to the page of all terms beginning with that letter.

A measure taken against an entity to compel it to obey to data protection legislation or to punish it for a breach of a contractual clause.


see Information Security

Security Breach

A breach of security occurs where a stated organizational policy or legal requirement regarding information security has been violated. However, every incident which suggests that the confidentiality, integrity or availability of the information has been compromised can be considered a security incident. Every security breach will always be initiated by a security incident which, only if confirmed, may become a breach.

Security Control Assessment

The testing or evaluation of security controls to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for an information system or organization.

Service Level Agreement (SLA)

An SLA represents the understanding between the cloud consumer and cloud provider about the expected level of service to be delivered and, in the event that the provider fails to deliver the service at the level specified, the compensation available to the cloud consumer.

Software as a Service (SaaS)

The capability provided to the consumer is to use the provider's applications running on a cloud infrastructure.


Individual, group, or organization who may affect, be affected by, or perceive itself to be affected by a decision or activity.

Standard Contractual Clauses

Standard contractual clauses are legal tools to provide adequate safeguards for data transfers from the EU or the European Economic Area to third countries. The European Commission has adopted three Decisions declaring Standard Contractual Clauses to be adequate, and therefore, companies can incorporate the clauses into a transfer contract. In principle no authorization is required from data protection authorities to be allowed to use these clauses. A formal notification to the authority might nevertheless be necessary.