Risk Analysis
Contents
- 1 Definitions
- 1.1 European Definitions
- 1.2 European Project Definitions
- 1.3 National Definitions
- 1.3.1 Argentina
- 1.3.2 Australia
- 1.3.3 Austria
- 1.3.4 Belgium
- 1.3.5 Bosnia and Herzegovina
- 1.3.6 Brazil
- 1.3.7 Bulgaria
- 1.3.8 Canada
- 1.3.9 Colombia
- 1.3.10 Croatia
- 1.3.11 Cyprus
- 1.3.12 Czech Republic
- 1.3.13 Denmark
- 1.3.14 El Salvador
- 1.3.15 Estonia
- 1.3.16 Finland
- 1.3.17 France
- 1.3.18 Gambia
- 1.3.19 Germany
- 1.3.20 Greece
- 1.3.21 Hungary
- 1.3.22 India
- 1.3.23 Ireland
- 1.3.24 Italy
- 1.3.25 Latvia
- 1.3.26 Lithuania
- 1.3.27 Luxembourg
- 1.3.28 Malta
- 1.3.29 Mexico
- 1.3.30 Montenegro
- 1.3.31 Morocco
- 1.3.32 Netherlands
- 1.3.33 Peru
- 1.3.34 Philippines
- 1.3.35 Poland
- 1.3.36 Portugal
- 1.3.37 Romania
- 1.3.38 Slovakia
- 1.3.39 Slovenia
- 1.3.40 Spain
- 1.3.41 Sweden
- 1.3.42 Switzerland
- 1.3.43 United Kingdom
- 1.3.44 United States
- 1.3.45 Uruguay
- 1.4 Standard Definition
- 1.5 Dictionary
- 2 See also
- 3 Notes
- 4 References
Definitions
European Definitions
Council of Europe
Council Directive 2008/114/EC
ENISA
European Project Definitions
CIPRNet project
The CIPRNet project [4] uses the following definition:
National Definitions
Argentina
Australia
Austria
Belgium
Analyse de risques: examen des scénarios de menace pertinents destiné à évaluer les vulnérabilités d’infrastructures critiques et les impacts potentiels de leur arrêt ou destruction. [10]
Risikoanalyse die Prüfung relevanter Bedrohungsszenarien, um die Schwachstellen und mögliche Auswirkungen einer Störung oder Zerstörung kritischer Infrastrukturen zu bewerten. [11]
Bosnia and Herzegovina
Brazil
Bulgaria
Canada
Processus mis en œuvre pour comprendre la nature d’un risqué et pour déterminer son niveau. [17]
Colombia
Croatia
Risk analysis indicates consideration of possible scenarios of threats to evaluate the vulnerability and the potential impact of disturbances in the critical infrastructure or its destruction.
Cyprus
(equals EU definition)
Czech Republic
Risk analysis: Process of understanding the nature of risks and establishing a risk level. [22]
Process of understanding the nature of risks and establishing a risk level. [24]
Denmark
El Salvador
Estonia
Finland
Risk analysis is the action for identifying risk and estimating the probability of a damaging event as well as anticipated damages. -unofficial translation- [31]
France
Gambia
Risk analysis includes risk estimation.
Germany
Greece
(equals EU definition)
Hungary
India
Ireland
Italy
Latvia
Lithuania
Luxembourg
Malta
Mexico
Cambios en uno o más de estos parámetros modifican el riesgo en sí mismo, es decir, el total de pérdidas esperadas y las consecuencias en un área determinada.
Montenegro
Morocco
Risk analysis: A set of coordinated activities aimed at directing and managing an organization with regard to risk in order to improve the security of IS, to justify the budget allocated to securing the IS and to prove the credibility of the information system Using the analyzes performed.
Netherlands
Risicoanalyse is een methode die inventariseert welke risico's er zijn, welke daarvan onacceptabel zijn en welke maatregelen de risico's kunnen reduceren. [56]
Risicoanalyse: Een proces dat bestaat uit drie componenten: risicoschatting, risicomanagement of manipulatie en risicocommunicatie.
Risk analysis: A process consisting of three components: Risk assessment, risk management and risk communication). [59]
Het leidt tot inzicht in de ernst en waarschijnlijkheid van die gebeurtenis en in de weerbaarheid van een organisatie tegen bedreigingen van vastgestelde belangen en uitval en verstoringen van vitale processen. Die weerbaarheid wordt afgemeten aan de maatregelen die zijn genomen om de kans op verstoring te verminderen en de gevolgen beheersbaar te maken.
Peru
El Análisis de Riesgo facilita la determinación del nivel del riesgo y la toma de decisiones.
Philippines
Poland
Portugal
Romania
Slovakia
Slovenia
Spain
Sweden
Switzerland
Dazu gehört die Einschätzung der Höhe der Risiken, oft in Form einer Einstufung der betrachteten Szenarien bzgl. ihrer Eintrittswahrscheinlichkeit und Schadensausmasses.
Die Risikoanalyse befasst sich mit der Frage «was kann passieren?».
L’appréciation du niveau des risques, souvent sous forme d’une classification des scénarios considérés en function de leur [Probability|probabilité]] d’occurrence et de l’ampleur des dommages envisagés en fait partie. L’analyse des risques traite de la question «que peut-il arriver?».
Vi rientra la stima del livello dei rischi, spesso in forma di una classificazione degli scenari considerati in funzione della loro frequenza e dell’entità dei danni. L'analisi dei rischi cerca di rispondere alla domanda «che cosa potrebbe succedere?».
United Kingdom
United States
DHS
NIST
Uruguay
Standard Definition
IETF
ISO/IEC 27000:2014 and ISO 31000:2009
Level of risk is expressed in terms of the combination of consequences and their likelihood.
- Risk analysis provides the basis for Risk Evaluation and decisions about Risk Treatment.
- Risk analysis includes Risk Estimation.
Dictionary
See also
Notes
References
- ↑ GLOSSAIRE MULTILINGUE DE LA GESTION DU RISQUE pour usagers francophones (2007)/European Centre of Technological Safety (TESEC) - TESEC-EUR-OPA 2001)
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ ENISA Risk Glossary
- ↑ http://www.ciprnet.eu/
- ↑ SUBSECRETARÍA DE PROTECCIÓN CIVIL Y ABORDAJE INTEGRAL DE EMERGENCIAS Y CATÁSTROFES (1/2015)
- ↑ Australian Emergency Management Glossary, Emergency Management Australia (1998)
- ↑ Australia AS NZS 5050 (2010)
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ RADNA VERZIJA OSOBLJA KOMISIJE: Procjena rizika i mapiranje smernice za upravljanje katastrofama
- ↑ REGULAMENTO SOBRE GESTÃO DE RISCO DAS REDES DE TELECOMUNICAÇÕES E USO DE SERVIÇOS DE TELECOMUNICAÇÕES EM SITUAÇÕES DE EMERGÊNCIA E DESASTRES (2012)
- ↑ GLOSSÁRIO DE DEFESA CIVIL ESTUDOS DE RISCOS E MEDICINA DE DESASTRES, Ministério da Integração Nacional, Brazil
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Derived from ISO 31000:2009
- ↑ Vocabulaire de la gestion des urgencies/Emergency Management Emergency Management Vocabulary 281 (2012)
- ↑ Glosario Policia Colombia
- ↑ Zakon o kritičnim infrastrukturama (Critical infrastructure act), 2013, in Official Gazette, No 56/2013 (Croat.)
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ 22.0 22.1 [1]
- ↑ Výkladový slovník kybernetické bezpečnosti (2013)
- ↑ Cyber Security Explanatory Glossary (2013)
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Bekendtgørelse om identifikation og udpegning af europæisk kritisk infrastruktur på energiområdet og vurdering af behovet for bedre beskyttelse (EPCIP-direktivet)
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ HÅNDBOG I RISIKOBASERET DIMENSIONERING, Beredskabsstyrelsen, Denmark (2004)
- ↑ Glosario de Riesgo, Ministerio de Medio Ambiente y Recursos Naturales, El Salvador
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Vocabulary of Comprehensive Security. Helsinki (TSK 47) (2014)
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ THE GAMBIA NATIONAL CYBERSECURITY STRATEGY (2019)
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Methode für die Risikoanalyse im Bevölkerungsschutz
- ↑ Glossar, Das Bundesamt für Bevölkerungsschutz und Katastrophenhilfe (BBK)
- ↑ BSI Glossary
- ↑ Προεδρικό Διάταγμα 39/2011 της Ελληνικής Δημοκρατίας που αφορά την προσαρμογή της ελληνικής νομοθεσίας προς τις διατάξεις τις οδηγίας 2008/114/ΕΚ του Συμβουλίου της Ευρωπαϊκής Ένωσης.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ India's DGQA Cyber Security Policy (2015)
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ DECRETO LEGISLATIVO 11 aprile 2011 , n. 61 Attuazione della Direttiva 2008/114/CE recante l'individuazione e la designazione delle infrastrutture critiche europee e la valutazione della necessita' di migliorarne la protezione. (11G0101
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Règlement grand-ducal du 12 mars 2012 portant application de la directive 2008/114/CE du Conseil du 8 décembre 2008
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ El Glosario Centro Nacional de prevencion de desastres (CENAPRED)
- ↑ Strategija sajber bezbjednosti Crne Gore 2022-2026 (2021)
- ↑ Стратегија сајбер безбједности Црне Горе 2022-2026
- ↑ STRATEGIE NATIONALE EN MATIERE DE CYBERSECURITE, Morocco, 2011
- ↑ DIRECTIVE NATIONALE DE LA SECURITE DES SYSTEMES D'INFORMATION, Marocco 2013
- ↑ Zakboekje Preventie Cybercrime (2008
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Risicobeoordeling 16.0: Een kansrijk kader; Theorie achter het risicomanagementproces en leidraad voor risicobeoordeling, June 2015
- ↑ Patiëntveiligheid Definitielijst (2005)
- ↑ Handreiking Cybercrime (2012)
- ↑ El Centro Nacional de Estimación, Prevención y Reducción del Riesgo de Desastres - CENEPRED, Glosario de Términos, Peru
- ↑ DND GLOSSARY OF CYBER SECURITY TERMS (v.4)
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ BEZPEČNOSTNÁ RADA SLOVENSKEJ REPUBLIKY
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ 7630 Ley 8/2011, de 28 de abril, por la que se establecen medidas para la protección de las infraestructuras críticas.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Leitfaden Schutz kritischer Infrastrukturen 2015 / Glossar der Risikobegriffe, Bundesamt für Bevölkerungsschutz BABS, 29.4.2013
- ↑ Guide pour la protection des infrastructures critiques
- ↑ Glossario sui rischi, Ufficio federale della protezione della popolazione UFPP, 29.4.2013
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ DHS Risk Lexicon 2010 Edition, September 2010
- ↑ NISTIR 7298 rev 2: Glossary of Key Information Security Terms, May 2013
- ↑ Glossary CERTuy
- ↑ IETF RFC449 Internet Security Glossary 2
- ↑ ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary
- ↑ ISO/IEC 31000:2009, Risk management -- Principles and guidelines
- ↑ Cybersecurity Woordenboek 2021