Difference between revisions of "Residual Risk"
Jump to navigation
Jump to search
(→United States) |
(→Standard Definition) |
||
Line 14: | Line 14: | ||
===Standard Definition=== | ===Standard Definition=== | ||
− | ==== ISO/IEC 27000:2014 ==== | + | ==== ISO/IEC 27000:2014 and ISO 31000:2009 ==== |
− | {{definition|[[Risk]] remaining after [[Risk Treatment|risk treatment]]. <ref name="ISO27000-14"> [http://www.iso.org/iso/home/store/catalogue_ics/catalogue_detail_ics.htm?csnumber=63411 ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary]</ref> }} | + | {{definition|[[Risk]] remaining after [[Risk Treatment|risk treatment]]. <ref name="ISO27000-14"> [http://www.iso.org/iso/home/store/catalogue_ics/catalogue_detail_ics.htm?csnumber=63411 ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary]</ref> <ref name="ISO31000-09"> [http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=43170 ISO/IEC 31000:2009, Risk management -- Principles and guidelines]</ref>}} |
<big> | <big> | ||
* Residual risk can contain unidentified risk. | * Residual risk can contain unidentified risk. | ||
− | * Residual risk can also be known as “retained risk”.</big> | + | * Residual risk can also be known as “retained risk”.</big><br /> |
==See also== | ==See also== |
Revision as of 23:31, 29 May 2015
Contents
Definitions
European Definitions
Other International Definitions
UNISDR
The risk that remains in unmanaged form, even when effective disaster risk reduction measures are in place, and for which emergency response and recovery capacities must be maintained. [1]
According to UNISDR, the presence of residual risk implies a continuing need to develop and support effective capacities for emergency services, preparedness,response and recovery together with socio-economic policies such as safety nets and risk transfer mechanisms.
National Definitions
United States
Standard Definition
ISO/IEC 27000:2014 and ISO 31000:2009
- Residual risk can contain unidentified risk.
- Residual risk can also be known as “retained risk”.
See also
Notes
- ↑ 2009 UNISDR Terminology on Disaster Risk Reduction
- ↑ DHS Risk Lexicon 2010 Edition, September 2010
- ↑ ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary
- ↑ ISO/IEC 31000:2009, Risk management -- Principles and guidelines