Physical, Cyber and Human Elements

The three interwoven elements of critical infrastructure (physical, cyber and human) are explicitly identified and should be integrated throughout the steps of the framework, as appropriate.

The risk management framework is comprehensive and takes into account the assets, systems and networks that include one or more of the following elements:

  • Physical — tangible property
  • Cyber — electronic information and communications systems and the information contained therein
  • Human — critical knowledge of functions or people uniquely susceptible to attack