Difference between revisions of "Residual Risk"

From CIPedia
Jump to navigation Jump to search
Line 4: Line 4:
  
 
=== Other International Definitions ===
 
=== Other International Definitions ===
==== UNISDR ====
+
==== [[UNISDR]] ====
 
{{definition|The risk that remains in unmanaged form, even when effective [[Disaster Risk|disaster risk]] reduction [[measure|measures]] are in place, and for which [[emergency]] response and recovery capacities must be maintained. <ref> [http://www.unisdr.org/files/7817_UNISDRTerminologyEnglish.pdf 2009 UNISDR Terminology on Disaster Risk Reduction]</ref>}}
 
{{definition|The risk that remains in unmanaged form, even when effective [[Disaster Risk|disaster risk]] reduction [[measure|measures]] are in place, and for which [[emergency]] response and recovery capacities must be maintained. <ref> [http://www.unisdr.org/files/7817_UNISDRTerminologyEnglish.pdf 2009 UNISDR Terminology on Disaster Risk Reduction]</ref>}}
 
<big>According to UNISDR, the presence of residual risk implies a continuing need to develop and support effective capacities for [[emergency services]], [[preparedness]],[[response]] and [[recovery]] together with socio-economic policies such as safety nets and [[Risk Transfer|risk transfer]] mechanisms.</big>
 
<big>According to UNISDR, the presence of residual risk implies a continuing need to develop and support effective capacities for [[emergency services]], [[preparedness]],[[response]] and [[recovery]] together with socio-economic policies such as safety nets and [[Risk Transfer|risk transfer]] mechanisms.</big>
  
 
=== National Definitions ===
 
=== National Definitions ===
==== Canada ====
+
==== [[Canada]] ====
 
{{definition|Risk that remains after implementing risk mitigation measures.<br /><br />Risque qui subsiste après l’application de mesures d’atténuation du risque. <ref name="canada">[http://www.bt-tb.tpsgc-pwgsc.gc.ca/publications/documents/urgence-emergency.pdf Vocabulaire de la gestion des urgencies/Emergency Management Emergency Management Vocabulary 281 (2012)]</ref>}}  
 
{{definition|Risk that remains after implementing risk mitigation measures.<br /><br />Risque qui subsiste après l’application de mesures d’atténuation du risque. <ref name="canada">[http://www.bt-tb.tpsgc-pwgsc.gc.ca/publications/documents/urgence-emergency.pdf Vocabulaire de la gestion des urgencies/Emergency Management Emergency Management Vocabulary 281 (2012)]</ref>}}  
 
<br />
 
<br />
 +
==== [[Czech Republic]] ====
 +
{{definition| Zbytkové riziko: Riziko, které zůstává i po aplikaci příslušných opatření. <ref> http://www.govcert.cz/download/nodeid-561  Výkladový slovník kybernetické bezpečnosti (2013)</ref> <br/><br/> Residual risk is the [[risk]] remaining even after an application of the appropriate [[measure|measures]]. <ref> http://www.govcert.cz/download/nodeid-561  Výkladový slovník kybernetické bezpečnosti (2013)</ref>}}<br/>
  
==== United States ====
+
==== [[United States]] ====
 
{{definition|Residual risk is [[risk]] that remains after [[Risk Management|risk management]] [[Measure|measures]] have been implemented. <ref name="DHSLex"> [http://www.dhs.gov/xlibrary/assets/dhs-risk-lexicon-2010.pdf DHS Risk Lexicon 2010 Edition, September 2010]</ref>}}<br />
 
{{definition|Residual risk is [[risk]] that remains after [[Risk Management|risk management]] [[Measure|measures]] have been implemented. <ref name="DHSLex"> [http://www.dhs.gov/xlibrary/assets/dhs-risk-lexicon-2010.pdf DHS Risk Lexicon 2010 Edition, September 2010]</ref>}}<br />
 
<br />
 
<br />
  
 
===Standard Definition===
 
===Standard Definition===
==== ISO/IEC 27000:2014 and ISO 31000:2009 ====
+
==== [[ISO|ISO/IEC 27000:2014 and ISO 31000:2009]] ====
 
{{definition|[[Risk]] remaining after [[Risk Treatment|risk treatment]]. <ref name="ISO27000-14"> [http://www.iso.org/iso/home/store/catalogue_ics/catalogue_detail_ics.htm?csnumber=63411 ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary]</ref> <ref name="ISO31000-09"> [http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=43170 ISO/IEC 31000:2009, Risk management -- Principles and guidelines]</ref>}}
 
{{definition|[[Risk]] remaining after [[Risk Treatment|risk treatment]]. <ref name="ISO27000-14"> [http://www.iso.org/iso/home/store/catalogue_ics/catalogue_detail_ics.htm?csnumber=63411 ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary]</ref> <ref name="ISO31000-09"> [http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=43170 ISO/IEC 31000:2009, Risk management -- Principles and guidelines]</ref>}}
 
<big>  
 
<big>  
Line 35: Line 37:
  
 
[[Category:Risk]]
 
[[Category:Risk]]
{{#set:defined by=UNISDR|defined by=Canada|defined by=United States|defined by=ISO}}
+
{{#set:defined by=UNISDR|defined by=Canada|defined by=Czech Republic|defined by=United States|defined by=ISO}}

Revision as of 18:28, 18 July 2015

Definitions

European Definitions

Other International Definitions

UNISDR

The risk that remains in unmanaged form, even when effective disaster risk reduction measures are in place, and for which emergency response and recovery capacities must be maintained. [1]

According to UNISDR, the presence of residual risk implies a continuing need to develop and support effective capacities for emergency services, preparedness,response and recovery together with socio-economic policies such as safety nets and risk transfer mechanisms.

National Definitions

Canada

Risk that remains after implementing risk mitigation measures.

Risque qui subsiste après l’application de mesures d’atténuation du risque. [2]


Czech Republic

Zbytkové riziko: Riziko, které zůstává i po aplikaci příslušných opatření. [3]

Residual risk is the risk remaining even after an application of the appropriate measures. [4]


United States

Residual risk is risk that remains after risk management measures have been implemented. [5]



Standard Definition

ISO/IEC 27000:2014 and ISO 31000:2009

Risk remaining after risk treatment. [6] [7]

  • Residual risk can contain unidentified risk.
  • Residual risk can also be known as “retained risk”.

See also

Notes