Risk Management

From CIPedia
Jump to navigation Jump to search

Definitions

European Definitions

Council of Europe

Risk management is the process whereby decisions are made and actions implemented to eliminate or reduce the effects of identified hazards. [1]



EU

[CBRN] The process, distinct from Risk Assessment, of weighing policy alternatives, in consultation with all interested parties, considering risk assessment and other factors relevant for the health protection of workers and consumers, the protection of the environment and for the promotion of fair trade practices, and, if needed, selecting appropriate prevention and control options. [2]


ENISA

Risk Management is the process, distinct from risk assessment, of weighing policy alternatives in consultation with interested parties, considering risk assessment and other legitimate factors, and selecting appropriate prevention and control options. [3]


Other International Definitions

CARICOM

Risk management is the systematic approach and practice of managing uncertainty to minimise potential harm and loss. [4]


NATO CEP / EAPC

A deliberate process of understanding risk and deciding upon and implementing actions to reduce risk to a defined level, which is an acceptable level of risk at an acceptable cost. This approach is characterised by identifying, measuring, and controlling risks to a level commensurate with an assigned level. [5]


UNISDR

The systematic approach and practice of managing uncertainty to minimize potential harm and loss. [6]

According to UNISDR, risk management comprises risk assessment and analysis, and the implementation of strategies and specific actions to control, reduce and transfer risks. It is widely practiced by organizations to minimise risk in investment decisions and to address operational risks such as those of business disruption, production failure, environmental damage, social impacts and damage from fire and natural hazards. Risk management is a core issue for sectors such as water supply, energy and agriculture whose production is directly affected by extremes of weather and climate.

Gestion des risques: Approche systémique et pratique managériale pour limiter les dommages et les pertes potentiels. [7]


Управление риском: Системный подход и практические действия, направленные на устранение неопределенности для снижения потенциального вреда и ущерба. [8]


Gestión del riesgo: El enfoque y la práctica sistemática de gestionar la incertidumbre para minimizar los daños y las pérdidas potenciales. [9]


إدارة المخاطر : المنهج النمطي والممارسات لإدارة مخاطر محتملة للتقليل من احتمالات الضرر والخسارة. [10]


Manajemen risiko: Pendekatan dan praktik sistematis dalam mengelola ketidakpastian untuk meminimalkan potensi kerusakan dan kerugian. [11]


Pengurusan Risiko: Pendekatan dan pelaksanaan sistematik dalam menguruskan ketidakpastian bagi meminimumkan kerosakan dan kerugian. [12]


Pamamahala sa Peligro: Ang sistematkong pamamaraan at praktika ng pamamahala ng kawalang-katiyakan para mabawasan ang posibilidad ng pinsala at kawalan. [13]


[14]مديريت خطرپذيري
رويكردي نظامند و به كاربستن مديريت عدم قطعيت براي به حداقل رساندن بالقوه آسيب و زيان



National Definitions

Argentina

Gestión de Riesgos: Actividades coordinadas para dirigir y controlar una organización en lo que concierne al riesgo. [15]

NOTA. La gestión de riesgos usualmente incluye la evaluación de riesgos, el tratamiento de riesgos, la aceptación de riesgos y la comunicación de riesgos.

Australia

Risk management is the systematic application of management policies, procedures and practices to the tasks of identifying, analyzing, evaluating, treating and monitoring risk. [16]


Coordinated activities to direct and control an organization with regard to risk. [17]


Risk management - The implementation of strategies to avoid unacceptable consequences. In the context of climate change adaptation and mitigation are the two broad categories of action that might be taken to avoid unacceptable consequences. [18]



Canada

Risk management is the use of policies, practices and resources to analyze, assess and control risks to health, safety, environment and the economy.

Gestion des risques: Recours à des politiques, à des pratiques et à des ressources pour analyser, évaluer et contrôler les risques pour la santé, la sécurité, l’environnement et l’économie. [19] [20]


Gestion des risques: Mesures prises pour garantir ou améliorer la sécurité d’une installation et de son fonctionnement (OCDE, 1992). [21]



Cape Verde

Gestão de risco: Abordagem sistemática e prática de gestão de incertezas para minimizer potenciais danos e perdas. [22]

A gestão de riscos compreende a avaliação de riscos e análise e da implementação de estratégias e acções específicas para controlar, reduzir e transferir riscos (redução de riscos). É bastante praticada por organizações para minimizar o risco nas decisões de investimento e para enfrentar os riscos operacionais, tais como de interrupção de negócios, falha de produção, danos ambientais, impactos sociais e danos causados pelo fogo e desastres naturais. A gestão de riscos é uma questão central para sectores tais como o de abastecimento de água, energia e agricultura, cuja produção é directamente afectado por eventos climáticos extremos.

Chile

Gestión del riesgo: Proceso social complejo que conduce al planeamiento y aplicación de políticas, estrategias, instrumentos y medidas orientadas a impedir, reducir, prever y controlar los efectos adversos de fenómenos peligrosos sobre la población, los bienes y servicios y el ambiente. [23]

Acciones integradas de reducción de riesgos a través de actividades de prevención, mitigación, preparación para, y atención de emergencias y recuperación post impacto.

Colombia

Manejo de Riesgos: Actividades integradas para evitar o mitigar los efectos adversos en las personas, los bienes, los servicios y el medio ambiente, mediante la planeación de la prevención y la preparación para la atención de la población potencialmente afectada. [24]


Administratión del Riesgo: Conjunto de elementos de control que al interrelacionarse, permiten a la Institución evaluar aquellos eventos negativos tanto internos como externos, que pueden afectar o impedir el logro de sus objetivos institucionales o los eventos positivos, que permiten identificar oportunidades para un mejor cumplimiento de su función. [25]



Cuba

Gestión del Riesgo: Aproximación sistemática, basada en la valoración de las amenazas y las vulnerabilidades, para la determinación de las contra-medidas necesarias para la protección de la información o los servicios y recursos que la soportan. [26]



Czech Republic

Řízení rizik: Koordinované činnosti pro vedení a řízení organizace s ohledem na rizika. [27]

Risk management are coordinated activities to manage and control an organization in view of the risks. [28]



El Salvador

Gestión de riesgos: Proceso social complejo que conduce al planeamiento y aplicación de políticas, estrategias, instrumentos y medidas orientadas a impedir, reducir, prever y controlar los efectos adversos de fenómenos peligrosos sobre la población, los bienes y servicios y el ambiente. Acciones integradas de reducción de riesgos a través de actividades de prevención, mitigación, preparación para, y atención de emergencias y recuperación post impacto.[29]



Finland

Riskienhallinta: järjestelmällinen toiminta, joka sisältää riskianalyysin sekä tarvittavien toimenpiteiden suunnittelun, toteutuksen, seurannan ja korjaavat toimenpiteet.

Risk management is a systematic action which includes risk analysis as well as the planning, execution and follow-up of operations needed and the corrective operations. -unofficial translation- [30]



Gambia

Risk management: Set of coordinated activities to direct and control an organization with regard to risk. [31]



Germany

The totality of measures to minimise the risk situation, weighing up the strategic alternatives (optional courses of action) in consultation with the parties concerned and according due consideration to the Risk Assessment and other factors worthy of consideration. [32]


Risikomanagement: Kontinuierlich ablaufendes, systematisches Verfahren zum zielgerichteten Umgang mit Risiken, das die Analyse und Bewertung von Risiken sowie die Planung und Umsetzung von Maßnahmen, insbesondere zur Risikovermeidung, -minimierung und -akzeptanz, beinhaltet. [33]


Germany

Risikomanagement: alle Aktivitäten mit Bezug auf die strategische und operative Behandlung von Risiken bezeichnet, also alle Tätigkeiten, um Risiken für eine Institution zu identifizieren, zu steuern und zu kontrollieren. [34]



Guatemala

Gestión de Riesgos: Estrategias de prevención, preparación, mitigación, respuesta y recuperación ante eventos de orden natural o antropogénico, social y tecnológico, que puedan afectar a la población, sus bienes y entorno. [35]



India

Risk management (in ICT) is the total process of identifying, controlling, and eliminating or minimizing uncertain events that may affect IT system resources. [36]


Risk Management: The systematic approach and practice of managing uncertainty to minimize potential harm and loss. [37]



Ireland

Risk management are actions taken to reduce the probability of an event occurring or to mitigate its consequences. [38]



Japan

リスク管理 : システム資源に影響を与える可能性がある不確実なイベントを識別、統制し、根絶もしくは最小化する過程.

(Cyber) Risk management is the process of identifying, controlling, and eliminating or minimizing uncertain events that may affect system resources. [39]


(リスク管理 : リスクを特定、アセスメントし、リスクに対応するプロセス。 [40]



Kiribati

Babaire aika a kakatauraoaki imwain kanganga aika a kona na riki ni irekereke ma bibitakin kanoan te bong. [41]

Risk management involves doing conscious, planned activities to address climate risk.



Kuwait

دارة املخاطر:هي عملية م�صتمرة لتحديد املخاطر املحتملة وحتليلها وتقييم مدى تأثريها وإبقائها عند م�صتوى مقبول، وهي عملية متكن امل ؤ�ص�صات من حتديد ال�صيا�صات وال�صوابط الأكرث تكيفا مع حماية أ�صول امل ؤ�ص�صة. [42]

Risk management: it is a continuous process of identifying potential risks, analysis and evaluation of their impact and maintained the risk at an acceptable level. Risk management enables organizations to define policies and controls which are the most likely to protect the assets. [43]



Liberia

Risk Management: Identifying vulnerabilities in a network and developing a strategy to protect against attack. [44]



Luxembourg

Gestion des risques: Activités coordonnées dans le but de diriger et piloter une organisation en prenant en compte les risques. [45]



Netherlands

Risicomanagement: inzichtelijk en systematisch inventariseren, beoordelen en – door het treffen van maatregelen – beheersbaar maken van risico’s en kansen, die het bereiken van de doelstellingen van de organisatie bedreigen dan wel bevorderen, op een zodanige wijze dat verantwoording kan worden afgelegd over de gemaakte keuzes. [46]


Risk management is the process that aims to identify and control the risk.

Risicomanagement is het proces dat beoogt risico's te inventariseren en te beheersen. [47]


[HEALTH sector]
Risico management/manipulatie: Het proces van afweging van beleidsalternatieven om geschatte risico’s te accepteren, minimaliseren of reduceren en de geschikte mogelijkheden te selecteren en uitvoeren.

Risk management: The process of weighing policy alternatives to accept, minimize or reduce assessed risks and to select and implement appropriate options. [48]



New Zealand/AOTEAROA

Risk management is the process of analysing exposure to risk, and determining how to manage that exposure. [49]

The level of risk is arrived at by examining the likelihood and consequences of the hazard and whether the course of action is acceptable for the outcome that needs to be achieved. (Likelihood x Consequences = Risk).

Norway

Risikostyring er hele prosessen med å definere hvilke områder og uønskede hendelser man skal gjøre risikoanalyser av, gjennomføre risikoanalysene, evaluere risikoresultatene (om risikonivået er forsvarlig eller ikke) og iverksette eventuelle risikoreduserende tiltak. [50]

Risk management is the entire process of defining in what areas and for what adverse events risk analyses should be conducted, conducting the risk analyses, evaluating the risk results (whether the level of risk is justifiable or not) and implementing any risk-reduction measures. [51]



Peru

Gestión del Riesgo de Desastres (GRD): Es un proceso social cuyo fin último es la prevención, la reducción y el control permanente de los factores de riesgo de desastre en la sociedad, así como la adecuada preparación y respuesta ante situaciones de desastre, considerando las políticas nacionales con especial énfasis en aquellas relativas a material económica, ambiental, de seguridad, defensa nacional y territorial de manera sostenible. [52]



Philippines

Risk Management: The process of managing risks to organizational operations (including mission, functions, image, reputation), organizational assets, individuals, other organizations, and the Nation, resulting from the operation of an information system, and includes: (i) the conduct of a risk assessment; (ii) the implementation of a risk mitigation strategy; and (iii) employment of techniques and procedures for the continuous monitoring of the security state of the information system. [53]


Risk Management: The process of managing risks to organizational operations (including mission, functions, image, or reputation), organizational assets, or individuals resulting from the operation of an information system, and includes: 1. the conduct of a risk assessment; 2. the implementation of a risk mitigation strategy; and 3. Employment of techniques and procedures for the continuous monitoring of the security state of the information system. [54]


Risk Management is the process of managing risks to agency operations (including mission, functions, image, or reputation), agency assets, or individuals resulting from the operation of an information system. [55]


Risk Management: The identification, analysis, assessment, control, and avoidance, minimisation, or elimination of unacceptable risks. [56]



Poland

Zarządzanie ryzykiem – skoordynowane działania w zakresie zarządzania cyberbezpieczeństwem w odniesieniu do oszacowanego ryzyka. [57]


Portugal

[Definição]Tratamento do Risco: Atenuação, eliminação, redução (mediante uma combinação adequada de medidas técnicas, materiais, organizativas e processuais), transferência ou monitorização do risco. [58]



Republic of Trinidad & Tobago

The systematic approach and practice of managing uncertainty to minimize potential harm and loss. [59]


Romania

Managementul riscurilor: Proces sistematic şi riguros de identificare, analiză, planificare, control şi comunicare a riscurilor. Fiecare risc identificat trece, secvenţial, prin celelalte funcţiuni, în mod continuu, concurent şi iterativ. [60]

Riscurile sunt uzual urmărite, în paralel cu identificarea şi analizarea unora noi, iar planurile de atenuare pentru un risc pot conduce la descoperirea altor riscuri.

Risk management (in ICT) is a complex, continuous and flexible identification, evaluation and fighting of cyber security risks, based on the use of complex tools and techniques to prevent losses of any kind.

Managementul riscului: un proces complex, continuu şi flexibil de identificare, evaluare şi contracarare a riscurilor la adresa securităţii cibernetice, bazat pe utilizarea unor tehnici şi instrumente complexe, pentru prevenirea pierderilor de orice natură. [61]



Serbia

управљање ризиком је систематичан скуп мера који укључује планирање, организовање и усмеравање активности како би се обезбедило да ризици остану у прописаним и прихватљивим оквирима. [62]



Singapore

Risk Management: Coordinated activities to direct and control an organisation with regard to risk. [63]



Spain

Gestión de Riesgos: Actividades coordinadas para dirigir y controlar una organización con respecto a los riesgos. [64]


Gestión del riesgo (Risk Management): (OTAN) Aproximación sistemática, basada en la valoración de las amenazas y las vulnerabilidades, para la determinación de las contra-medidas necesarias para la protección de la información o los servicios y recursos que la soportan. [65]



Switzerland

Unter Risikomanagement werden die koordinierten Aktivitäten zur Steuerung und Lenkung einer Organisation in Bezug auf Risiken, d. h. auf Auswirkungen von Unsicherheiten auf die Ziele der Organisation verstanden. [66]


On entend par gestion des risques l’ensemble des activités coordonnées dans le but de diriger et d’orienter une organisation par rapport aux risques, c.-à-d. par rapport aux conséquences que peuvent avoir les incertitudes sur les objectifs de l’organisation. [67]



United Arab Emirates

Risk Management: The culture, processes and structures that are directed towards the effective management of potential opportunities and adverse effects (HB167: 2006 Security Risk Management). [68]



United Kingdom (UK)

Risk Management is all activities and structures directed towards the effective assessment and management of risks and their potential adverse impacts. [69]

Risk Management is a process of identifying, understanding, managing, controlling, monitoring and communicating risk. [70]

Risk Management is putting in place plans to avoid unacceptable consequences of risks. [71]



United States

DHS
Process of identifying, analyzing, and communicating risk and accepting, avoiding, transferring or controlling it to an acceptable level at an acceptable cost. [72]


NIST
Prioritizing, evaluating, and implementing the appropriate risk-reducing controls/countermeasures recommended from the risk management process. (Source: CNSSI-4009; NIST SP 800-30; NIST SP 800-39)


The program and supporting processes to manage information security risk to organizational operations (including mission, functions, image, reputation), organizational assets, individuals, other organizations, and the Nation, and includes: (i) establishing the context for risk-related activities; (ii) assessing risk; (iii) responding to risk once determined; and (iv) monitoring risk over time [73]


US-CERT
The purpose of risk management is to identify, analyze, and mitigate risks to critical service and IT assets that could adversely affect the operation and delivery of services. [74]


White House
Cybersecurity risk management comprises the full range of activities undertaken to protect IT and data from unauthorized access and other cyber threats, to maintain awareness of cyber threats, to detect anomalies and incidents adversely affecting IT and data, and to mitigate the impact of, respond to, and recover from incidents.  [75]

Information sharing facilitates and supports all of these activities.

Standard Definition

IETF

The process of identifying, measuring, and controlling (i.e., mitigating) risks in information systems so as to reduce the risks to a level commensurate with the value of the assets protected. [76]


ISO/IEC 27000:2014, ISO 31000:2009 and ISO 22301:2012

These standards defines risk management as:

Risk amangement: Coordinated activities to direct and control an organization with regard to risk. [77] [78] [79])

Definition is based on the ISO Guide 73:2009. [80]

Risk management process is the systematic application of management policies, procedures and practices to the activities of communicating, consulting, establishing the context and identifying, analysing, evaluating, treating, monitoring and reviewing risk. [77] (based on the ISO Guide 73:2009 [80]). ISO/IEC 27005 uses the term ‘process’ to describe risk management overall. The elements within the risk management process are termed ‘activities’.

Dictionary

Risicomanagement: Een continu proces waarbij bedrijfsrisico's voortdurend worden bewaakt. Onderdelen van dit proces zijn bijvoorbeeld het identifi�ceren, evalueren, prioriteren van risico’s en het nemen van maatregelen (accepteren, mitigeren, overdragen of vermijden). [81]




See also

Notes

References

  1. Jump up GLOSSAIRE MULTILINGUE DE LA GESTION DU RISQUE pour usagers francophones (2007)/European Centre of Technological Safety (TESEC) - TESEC-EUR-OPA 2001)
  2. Jump up European Commission's CBRN Glossary, 2012
  3. Jump up ENISA Risk Glossary
  4. Jump up Caribbean Disaster Emergency Management Agency (CDEMA) Regional Comprehensive Disaster Management Strategy and Results Framework 2014-2024
  5. Jump up NATO EAPC(SCEPC) lexicon.
  6. Jump up 2009 UNISDR Terminology on Disaster Risk Reduction
  7. Jump up UNISDR glossary
  8. Jump up UNISDR glossary
  9. Jump up UNISDR glossary
  10. Jump up UNISDR glossary
  11. Jump up UNISDR glossary in Bahasa
  12. Jump up UNISDR glossary in Malay
  13. Jump up UNISDR glossary in Tagalog
  14. Jump up Internationally agreed glossary of basic terms related to Disaster Management in Farsi
  15. Jump up Oficina Nacional de Tecnologías de Información ADMINISTRACION PUBLICA NACIONAL Disposición 3/2013 - Apruébase la “Política de Seguridad de la Información Modelo” (2013)
  16. Jump up Australian Emergency Management Glossary, Emergency Management Australia (1998)
  17. Jump up Australia AS NZS 5050 (2010)
  18. Jump up ADAPTATION TO CLIMATE CHANGE: KEY TERMS, E. Levina and D. Terpak, OECD (2006) - derived from (Australian Greenhouse Office. 2003)
  19. Jump up An Emergency Management Framework for Canada (Second Edition)
  20. Jump up Vocabulaire de la gestion des urgencies/Emergency Management Emergency Management Vocabulary 281 (2012)
  21. Jump up Guide Analyse de risques d'accidents technologiques majeurs (2002)
  22. Jump up Avaliação das Necessidades Pós- Desastre (PDNA) ERUPÇÃO VULCÂNICA NO FOGO 2014-2015, Cape Verde
  23. Jump up GUÍA ANÁLISIS DE RIESGOS NATURALES PARA EL ORDENAMIENTO TERRITORIAL Subsecretaría de Desarrollo Regional y Administrativo (SUBDERE) Primera Edición, Junio 2011
  24. Jump up Glosario Policia Colombia
  25. Jump up Glosario Policia Colombia
  26. Jump up Glossary of Cyber terms/Glosario de términos, Centro de Seguridad del Ciberespacio
  27. Jump up Výkladový slovník kybernetické bezpečnosti (2013)
  28. Jump up Act No. 181 of 23 July 2014 On Cyber Security and Change of Related Acts (Act on Cyber Security)
  29. Jump up Glosario de Riesgo, Ministerio de Medio Ambiente y Recursos Naturales, El Salvador
  30. Jump up Vocabulary of Comprehensive Security. Helsinki (TSK 47) (2014)
  31. Jump up THE GAMBIA NATIONAL CYBERSECURITY STRATEGY (2019)
  32. Jump up Protection of Critical Infrastructures – Baseline Protection Concept: Recommendation for Companies, BMI.
  33. Jump up Glossar BBK
  34. Jump up BSI Glossary
  35. Jump up Plan Estratégico de Seguridad de la Nación 2016-2020, Guatemala
  36. Jump up India's DGQA Cyber Security Policy (2015)
  37. Jump up National Disaster Management Plan (NDMP)- (2016)
  38. Jump up A FRAMEWORK FOR MAJOR EMERGENCY MANAGEMENT (APPENDICES)
  39. Jump up RFC2828 (Japanese translation)
  40. Jump up 重要インフラのサイバーセキュリティを 向上させるためのフレームワーク (2014)
  41. Jump up Kiribati BI-LINGUAL GLOSSARY OF CLIMATE CHANGE TERMS, Original translations by Dr Temakei Tebano & Etita Teiabauri, 2008
  42. Jump up الاستراتيجية الوطنية للأمن السيبراني لدولة الكويت (2017-2020)
  43. Jump up National Cyber Security Strategy 2017-2020
  44. Jump up Government of Liberia’s Policy for the Telecommunications and Information Communications Technology (ICT) sectors
  45. Jump up Glossaire
  46. Jump up Beveiligingsvoorschrift Rijksdienst 2013
  47. Jump up Zakboekje Preventie Cybercrime (2008
  48. Jump up Patiëntveiligheid Definitielijst (2005)
  49. Jump up The New Zealand Coordinated Incident Management System, Department of the Prime Minister and Cabinet, New Zealand. (2014)
  50. Jump up DSB, National Risikobild 2014
  51. Jump up DSB, National Risk Analysis 2014
  52. Jump up El Centro Nacional de Estimación, Prevención y Reducción del Riesgo de Desastres - CENEPRED, Glosario de Términos, Peru
  53. Jump up DND GLOSSARY OF CYBER SECURITY TERMS (v.4)
  54. Jump up DND GLOSSARY OF CYBER SECURITY TERMS (v.4)
  55. Jump up DND GLOSSARY OF CYBER SECURITY TERMS (v.4)
  56. Jump up NHS Cyber security glossary
  57. Jump up U S TAWA z dnia o krajowym systemie cyberbezpieczeństwa / Polish (draft) law on the national cybersecurity system (2018)
  58. Jump up Glossário Centro National de Cibersegurança Portugal
  59. Jump up Comprehensive Disaster Management Policy Framework for Trinidad and Tobago
  60. Jump up GLOSAR de termeni din domeniul ordinii şi siguranţei publice, MINISTERUL ADMINISTRAŢIEI ŞI INTERNELOR DIRECŢIA GENERALĂ ORGANIZARE, PLANIFICARE MISIUNI ŞI RESURSE
  61. Jump up Hotărârea nr. 271/2013 pentru aprobarea Strategiei de securitate cibernetică
  62. Jump up ЗАКОН О ИНФОРМАЦИОНОЈ БЕЗБЕДНОСТИ (Law on Information Security), Serbia
  63. Jump up Foresight: A Glossary, Civil Service College, Singapore
  64. Jump up CIBERSEGURIDAD. RETOS Y AMENAZAS A LA SEGURIDAD NACIONAL EN EL CIBERESPACIO, MINISTERIO DE DEFENSA (2010)
  65. Jump up CIBERSEGURIDAD. RETOS Y AMENAZAS A LA SEGURIDAD NACIONAL EN EL CIBERESPACIO, MINISTERIO DE DEFENSA (2010)
  66. Jump up Leitfaden Schutz kritischer Infrastrukturen 2015 pointing at ISO 31000
  67. Jump up Guide pour la protection des infrastructures critiques 2015/Glossaire des risques, Office fédéral de la protection de la population, 29.4.2013
  68. Jump up Abu Dhabi Safety and Security Planning Manual
  69. Jump up Glossary - Revision to Emergency Preparedness, Cabinet Office (2012)
  70. Jump up Cabinet Office, Section A: Introduction, Definitions and Principles of Infrastructure Resilience n.d.
  71. Jump up The National Adaptation Programme: Making the country resilient to a changing climate, UK Government (2013)
  72. Jump up DHS Risk Lexicon 2010 Edition, September 2010
  73. Jump up NIST Special Publication 800-53 Rev 4: Security and Privacy Controls for Federal Information Systems and Organizations (April 2013)
  74. Jump up Cyber Resilience Review (CRR): Method Description and Self-Assessment User Guide (2016)
  75. Jump up Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure (May 11, 2017
  76. Jump up IETF RFC449 Internet Security Glossary 2
  77. Jump up to: 77.0 77.1 ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary
  78. Jump up ISO/IEC 31000:2009, Risk management -- Principles and guidelines
  79. Jump up ISO 22301:2012 Societal security -- Business continuity management systems --- Requirements
  80. Jump up to: 80.0 80.1 ISO Guide 73:2009 Risk management -- Vocabulary
  81. Jump up Cybersecurity Woordenboek 2021


Retrieved from "https://websites.fraunhofer.de/CIPedia/index.php?title=Risk_Management&oldid=13609"