Difference between revisions of "Risk"
(→Turkey) |
(→References) |
(59 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
==Definitions== | ==Definitions== | ||
=== European Definitions === | === European Definitions === | ||
− | ====[[ | + | ==== [[Council of Europe]] ==== |
+ | {{definition|Risk is the estimated probability that [[damage]] will occur to life, property, or the environment if a specified dangerous [[event]] occurs. <ref>[http://www.europhras.org/Site/anderedokumente/GMLGR5L_6_12_07.pdf GLOSSAIRE MULTILINGUE DE LA GESTION DU RISQUE pour usagers francophones (2007)/European Centre of Technological Safety (TESEC) - TESEC-EUR-OPA 2001)]</ref>}}<br/><br/> | ||
+ | ====[[European Commission]]==== | ||
+ | {{definition|Risk means any circumstance or event having a potential adverse effect on the [[Resilience|resilience]] of [[Critical Entities|critical entities]]. <ref>[https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:52020PC0829&from=EN Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on the resilience of critical entities COM/2020/829 final]</ref>}}<br/> | ||
+ | |||
{{definition|The possibility of loss, [[damage]] or injury having regard to the value placed on the [[asset]] by its owner/operator and the [[impact]] of loss or change to the [[asset]], and the likelihood that a specific [[vulnerability]] will be exploited by a particular [[threat]]. <ref>[http://eur-lex.europa.eu/LexUriServ/site/en/com%/2006/com2006_0787en01.pdf EC COM(2006) 787 final, Directive of the Council on the identification and designation of European Critical Infrastructure and the assessment of the need to improve their protection, EC, Brussels 12.12.2006.]</ref>}}<br /> | {{definition|The possibility of loss, [[damage]] or injury having regard to the value placed on the [[asset]] by its owner/operator and the [[impact]] of loss or change to the [[asset]], and the likelihood that a specific [[vulnerability]] will be exploited by a particular [[threat]]. <ref>[http://eur-lex.europa.eu/LexUriServ/site/en/com%/2006/com2006_0787en01.pdf EC COM(2006) 787 final, Directive of the Council on the identification and designation of European Critical Infrastructure and the assessment of the need to improve their protection, EC, Brussels 12.12.2006.]</ref>}}<br /> | ||
{{definition|The probability of adverse effects caused by a hazardous phenomenon or substance in an organism, a population, or an ecological system. <ref name="CBRN">[https://cbrn.jrc.ec.europa.eu European Commission's CBRN Glossary, 2012]</ref>}}<br /> | {{definition|The probability of adverse effects caused by a hazardous phenomenon or substance in an organism, a population, or an ecological system. <ref name="CBRN">[https://cbrn.jrc.ec.europa.eu European Commission's CBRN Glossary, 2012]</ref>}}<br /> | ||
− | |||
{{definition|Risk means any reasonably identifiable circumstance or [[event]] having a potential adverse [[effect]] on the security of network and information systems. <ref name="NIS Directive">[http://eur-lex.europa.eu/legal-content/FR/TXT/PDF/?uri=CELEX:32016L1148 DIRECTIVE (EU) 2016/1148 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union]</ref>}}<br/> | {{definition|Risk means any reasonably identifiable circumstance or [[event]] having a potential adverse [[effect]] on the security of network and information systems. <ref name="NIS Directive">[http://eur-lex.europa.eu/legal-content/FR/TXT/PDF/?uri=CELEX:32016L1148 DIRECTIVE (EU) 2016/1148 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union]</ref>}}<br/> | ||
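Review bot: The reference title in the added Council of Europe entry has an unbalanced parenthesis ("... (TESEC) - TESEC-EUR-OPA 2001)"), and the two new headings use different spacing: "==== [[Council of Europe]] ====" against "====[[European Commission]]====". Balance the parenthesis and use one heading form. The new European Commission definition is sourced from a proposal (COM/2020/829 final); saying so in the entry text would keep readers from taking it as adopted wording.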
Line 14: | Line 17: | ||
==== [[CLIMATE-ADAPT]] ==== | ==== [[CLIMATE-ADAPT]] ==== | ||
{{definition|Risk is the combination of the probability of an event and its negative consequences. <ref>[http://climate-adapt.eea.europa.eu/help/glossary European Climate Adaptation Platform (CLIMATE-ADAPT) Glossary]</ref>}} Comment: This definition closely follows the definition of the ISO/IEC Guide 73. The word "risk" has two distinctive connotations: in popular usage the emphasis is usually placed on the concept of chance or possibility, such as in "the risk of an accident"; whereas in technical settings the emphasis is usually placed on the consequences, in terms of "potential losses" for some particular cause, place and period. It can be noted that people do not necessarily share the same perceptions of the significance and underlying causes of different risks. <br/><br/> | {{definition|Risk is the combination of the probability of an event and its negative consequences. <ref>[http://climate-adapt.eea.europa.eu/help/glossary European Climate Adaptation Platform (CLIMATE-ADAPT) Glossary]</ref>}} Comment: This definition closely follows the definition of the ISO/IEC Guide 73. The word "risk" has two distinctive connotations: in popular usage the emphasis is usually placed on the concept of chance or possibility, such as in "the risk of an accident"; whereas in technical settings the emphasis is usually placed on the consequences, in terms of "potential losses" for some particular cause, place and period. It can be noted that people do not necessarily share the same perceptions of the significance and underlying causes of different risks. <br/><br/> | ||
− | |||
− | |||
=== European Project Definitions === | === European Project Definitions === | ||
Line 27: | Line 28: | ||
<br/> | <br/> | ||
==== [[IAEA]] ==== | ==== [[IAEA]] ==== | ||
− | {{definition|Risk is the potential that a given [[threat]] will exploit the [[vulnerability|vulnerabilities]] of an asset, or group of assets, and thereby cause [[harm]] to the organization. <ref>[https://www-ns.iaea.org/downloads/security/nuclear-security-series-glossary-v1-3.pdf IAEA - Nuclear Security Series Glossary Version 1.3 (November 2015)]</ref>}}Risk is measured in terms of a combination of the [likelihood]] of an event and the severity of its consequences. <br/> | + | {{definition|Risk is the potential that a given [[threat]] will exploit the [[vulnerability|vulnerabilities]] of an asset, or group of assets, and thereby cause [[harm]] to the organization. <ref>[https://www-ns.iaea.org/downloads/security/nuclear-security-series-glossary-v1-3.pdf IAEA - Nuclear Security Series Glossary Version 1.3 (November 2015)]</ref>}}Risk is measured in terms of a combination of the [likelihood]] of an event and the severity of its consequences. <br/><br/> |
==== [[NATO|NATO CEP / EAPC]] ==== | ==== [[NATO|NATO CEP / EAPC]] ==== | ||
{{definition|The possibility of loss, [[damage]] or injury. <ref>NATO EAPC(SCEPC) lexicon 2003.</ref>}} | {{definition|The possibility of loss, [[damage]] or injury. <ref>NATO EAPC(SCEPC) lexicon 2003.</ref>}} | ||
− | + | The level of risk is a condition of two factors: (1) the value placed on the asset by its owner/operator and the impact of loss or change to the asset, and (2) the likelihood that a specific vulnerability will be exploited by a particular threat. | |
− | <br /> | + | <br /><br/> |
+ | |||
+ | ==== [[OECD]] ==== | ||
+ | {{definition|“Digital security risk” describes a category of [[risk]] related to the use, development and management of the digital environment in the course of any activity. <ref>[https://www.oecd.org/sti/ieconomy/digital-security-risk-management.pdf Digital Security Risk Management for Economic and Social Prosperity]</ref>}}This risk can result from the combination of threats and vulnerabilities in the digital environment. It can undermine the achievement of economic and social objectives by disrupting the confidentiality, integrity and availability of the activities and/or the environment. Digital security risk is dynamic in nature. It includes aspects related to the digital and physical environments, the people involved in the activity and the organisational processes supporting it. <br/><br/> | ||
− | ==== [[ | + | ==== [[UNDRR]] ==== |
{{definition|Risk is the combination of the probability of an [[event]] and its negative [[consequence|consequences]]. <ref>[http://www.unisdr.org/we/inform/terminology 2009 UNISDR Terminology on Disaster Risk Reduction, United Nations International Strategy for Disaster Reduction (UNISDR), Geneva, Switzerland, May 2009.]</ref>}} | {{definition|Risk is the combination of the probability of an [[event]] and its negative [[consequence|consequences]]. <ref>[http://www.unisdr.org/we/inform/terminology 2009 UNISDR Terminology on Disaster Risk Reduction, United Nations International Strategy for Disaster Reduction (UNISDR), Geneva, Switzerland, May 2009.]</ref>}} | ||
<br /> | <br /> | ||
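Review bot: The IAEA line is touched only to append a second break, so the malformed link "[likelihood]]" (one opening bracket) is carried over and will not render as a wiki link; change it to "[[likelihood]]" while the line is open. In the same line, and in the new OECD entry, the explanatory sentence follows the closing "}}" with no space; a space or a break after the template would separate the quoted definition from the commentary. The heading now reads UNDRR while the reference under it still cites the 2009 UNISDR terminology, so a short note on the rename would avoid confusion.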
Line 44: | Line 48: | ||
{{definition|Risiko: Gabungan antara kemungkinan terjadinya suatu peristiwa dan dampak-dampak negatif yang ditimbulkannya. <ref>[http://www.preventionweb.net/files/7817_isdrindonesia.pdf UNISDR glossary in Bahasa]</ref>}}<br/> | {{definition|Risiko: Gabungan antara kemungkinan terjadinya suatu peristiwa dan dampak-dampak negatif yang ditimbulkannya. <ref>[http://www.preventionweb.net/files/7817_isdrindonesia.pdf UNISDR glossary in Bahasa]</ref>}}<br/> | ||
{{definition|Peligro: Isang mapanganib na kaganapan, substansya, aktibidad ng tao, o kondisyon na maaaring kumitil ng buhay, puminsala sa katawan at kalusugan, sumira ng ariarian, magwasak ng kabuhayan at mga serbisyo, bumulabog ng lipunan at ekonomya at magwasak ng kapaligiran. <ref>[http://www.preventionweb.net/files/7817_isdrphillipinesterminology.pdf UNISDR glossary in Tagalog]</ref>}}<br/> | {{definition|Peligro: Isang mapanganib na kaganapan, substansya, aktibidad ng tao, o kondisyon na maaaring kumitil ng buhay, puminsala sa katawan at kalusugan, sumira ng ariarian, magwasak ng kabuhayan at mga serbisyo, bumulabog ng lipunan at ekonomya at magwasak ng kapaligiran. <ref>[http://www.preventionweb.net/files/7817_isdrphillipinesterminology.pdf UNISDR glossary in Tagalog]</ref>}}<br/> | ||
− | {{definition|Peligro: Ang probabilidad ng isang pangyayari at ang negatibong mga epekto nito. <ref>[http://www.preventionweb.net/files/7817_isdrphillipinesterminology.pdf UNISDR glossary in Tagalog]</ref>}}<br/><br/> | + | {{definition|Peligro: Ang probabilidad ng isang pangyayari at ang negatibong mga epekto nito. <ref>[http://www.preventionweb.net/files/7817_isdrphillipinesterminology.pdf UNISDR glossary in Tagalog]</ref>}}<br/> |
+ | {{definition|<ref>[https://www.preventionweb.net/files/7817_unisdr2009terminologypersianedition.pdf Internationally agreed glossary of basic terms related to Disaster Management in Farsi]</ref> خطرپذيري<br/>تركيب و آميزه اي از احتمال يك رخداد و پيامدهاي منفي آن}}<br/><br/> | ||
==== [[UNDHA]] ==== | ==== [[UNDHA]] ==== | ||
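Review bot: In the added Farsi entry the reference is placed before the term and definition, whereas every other entry in this hunk puts the reference after the definition text. Move the reference to the end of the definition so the footnote marker lands where readers expect it, and check that the right-to-left text still renders correctly with the break between term and definition.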
Line 63: | Line 68: | ||
{{definition|Risiko: alle mit vernünftigem Aufwand feststellbaren Umstände oder Ereignisse, die potenziell nachteilige Auswirkungen auf die Sicherheit von Netz- und Informationssystemen haben. <ref>[http://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - DE]</ref>}}<br/><br/> | {{definition|Risiko: alle mit vernünftigem Aufwand feststellbaren Umstände oder Ereignisse, die potenziell nachteilige Auswirkungen auf die Sicherheit von Netz- und Informationssystemen haben. <ref>[http://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - DE]</ref>}}<br/><br/> | ||
==== [[Belgium]] ==== | ==== [[Belgium]] ==== | ||
− | {{definition|(cyber) Risico: elke redelijkerwijs vast te stellen omstandigheid of gebeurtenis met een mogelijk schadelijk effect op de beveiliging van netwerk- en informatiesystemen. <ref>[http://eur-lex.europa.eu/legal-content/NL/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - NL]</ref> | + | {{definition|(cyber) Risico: elke redelijkerwijs vast te stellen omstandigheid of gebeurtenis met een mogelijk schadelijk effect op de beveiliging van netwerk- en informatiesystemen. <ref>[http://eur-lex.europa.eu/legal-content/NL/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - NL]</ref><br/><br/>Risque: toute circonstance ou tout événement raisonnablement identifiable ayant un impact négatif potentiel sur la sécurité des réseaux et des systèmes d'information. <ref>[http://eur-lex.europa.eu/legal-content/FR/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - FR]</ref><br/><br/>Risiko: alle mit vernünftigem Aufwand feststellbaren Umstände oder Ereignisse, die potenziell nachteilige Auswirkungen auf die Sicherheit von Netz- und Informationssystemen haben. <ref>[http://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - DE]</ref>}}<br/> |
− | |||
{{definition|Risico is de combinatie van de kans op het voorkomen van een bepaalde gebeurtenis en de bijhorende gevolgen. <ref>[http://www.milieurapport.be/Upload/main/0_Klimaatrapport/2015-01_MIRA_klimaatscenarios_TW.pdf Actualisatie en verfijning klimaatscenario’s tot 2100 voor Vlaanderen, MIRA/2015/01, januari 2015]</ref>}}<br /><br/> | {{definition|Risico is de combinatie van de kans op het voorkomen van een bepaalde gebeurtenis en de bijhorende gevolgen. <ref>[http://www.milieurapport.be/Upload/main/0_Klimaatrapport/2015-01_MIRA_klimaatscenarios_TW.pdf Actualisatie en verfijning klimaatscenario’s tot 2100 voor Vlaanderen, MIRA/2015/01, januari 2015]</ref>}}<br /><br/> | ||
+ | |||
+ | ====[[Bermuda]]==== | ||
+ | {{definition|Risk: potential that a given cyber-threat will exploit the vulnerabilities of an information system to cause [[harm]]. <ref>[https://www.gov.bm/sites/default/files/10999-National-Cybersecurity-Strategy.pdf Bermuda Cybersecurity Strategy 2018-2022]</ref>}}<br/> | ||
==== [[Bosnia and Herzegovina]] ==== | ==== [[Bosnia and Herzegovina]] ==== | ||
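Review bot: The added Belgium line puts the Dutch, French and German versions into a single definition template, and the German text with its reference is a verbatim copy of the entry directly above this country's heading. One template per language version would match the rest of the page, and a named reference for each language version of Directive (EU) 2016/1148 would avoid defining the same citation several times. Only the Dutch version carries the "(cyber)" qualifier; make the three consistent. The new heading "====[[Bermuda]]====" also lacks the spaces used in "==== [[Belgium]] ====".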
Line 79: | Line 86: | ||
{{definition|Risque: Combinaison de la probabilité de l’occurrence d’un événement et ses conséquences. (from: ISO/IEC 27002:2005) <ref>[http://www.cirt.bf/index.php/referentiel/glossaire-2/ CIRT-BF Glossary]</ref>}}<br /><br/> | {{definition|Risque: Combinaison de la probabilité de l’occurrence d’un événement et ses conséquences. (from: ISO/IEC 27002:2005) <ref>[http://www.cirt.bf/index.php/referentiel/glossaire-2/ CIRT-BF Glossary]</ref>}}<br /><br/> | ||
==== [[Canada]] ==== | ==== [[Canada]] ==== | ||
− | {{definition| Risk is the combination of the likelihood and the consequence of a specified hazard being realized.<br /><br />Risqué: combinaison de la possibilité qu’un aléa donné se produise et des conséquences potentielles pouvant y être associées. <ref>[http://www.publicsafety.gc.ca/cnt/rsrcs/pblctns/mrgnc-mngmnt-frmwrk/index-eng.aspx An Emergency Management Framework for Canada (Second Edition) ]</ref> <ref name=" | + | {{definition| Risk is the combination of the likelihood and the consequence of a specified hazard being realized.<br /><br />Risqué: combinaison de la possibilité qu’un aléa donné se produise et des conséquences potentielles pouvant y être associées. <ref>[http://www.publicsafety.gc.ca/cnt/rsrcs/pblctns/mrgnc-mngmnt-frmwrk/index-eng.aspx An Emergency Management Framework for Canada (Second Edition) ]</ref> <ref name="canada2">[http://publications.gc.ca/collections/collection_2012/tpsgc-pwgsc/S52-2-281-2012.pdf Vocabulaire de la gestion des urgencies/Emergency Management Emergency Management Vocabulary 281 (2012)]</ref>}} |
Risk refers to the vulnerability, proximity or exposure to hazards, which affects the likelihood of adverse impact.<br /><br/> | Risk refers to the vulnerability, proximity or exposure to hazards, which affects the likelihood of adverse impact.<br /><br/> | ||
{{definition|Risque: combinaison de la conséquence d’un accident et de sa fréquence d’occurrence. <ref name="canada">[http://www.mddelcc.gouv.qc.ca/evaluations/documents/guide-risque-techno.pdf Guide Analyse de risques d'accidents technologiques majeurs (2002)]</ref>}}<br /><br/> | {{definition|Risque: combinaison de la conséquence d’un accident et de sa fréquence d’occurrence. <ref name="canada">[http://www.mddelcc.gouv.qc.ca/evaluations/documents/guide-risque-techno.pdf Guide Analyse de risques d'accidents technologiques majeurs (2002)]</ref>}}<br /><br/> | ||
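Review bot: The Canada line is changed only to name the reference "canada2", but the French term is still spelled "Risqué" where the next definition uses "Risque", and the reference title still reads "urgencies" and repeats "Emergency Management". Correct the term to "Risque" and tidy the title while the line is being edited. The sentence after the template ("Risk refers to the vulnerability, proximity or exposure to hazards ...") has no visible source; attach it to one of the two references or mark it as commentary.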
Line 88: | Line 95: | ||
{{definition|Riesgo: Se define como el número de pérdidas humanas, heridos, daños a las propiedades y efectos sobre la actividad económica debido a la ocurrencia de un desastre, es decir el producto del riesgo específico, y los elementos en riesgo. <ref>[http://www.gorecoquimbo.gob.cl/gorecoquimbo/site/artic/20150511/asocfile/20150511104931/libro_guia_de_analisis_de_riesgos_naturales_para_el_ordenamiento_territorial_.pdf GUÍA ANÁLISIS DE RIESGOS NATURALES PARA EL ORDENAMIENTO TERRITORIAL Subsecretaría de Desarrollo Regional y Administrativo (SUBDERE) Primera Edición, Junio 2011]</ref>}}<br/><br/> | {{definition|Riesgo: Se define como el número de pérdidas humanas, heridos, daños a las propiedades y efectos sobre la actividad económica debido a la ocurrencia de un desastre, es decir el producto del riesgo específico, y los elementos en riesgo. <ref>[http://www.gorecoquimbo.gob.cl/gorecoquimbo/site/artic/20150511/asocfile/20150511104931/libro_guia_de_analisis_de_riesgos_naturales_para_el_ordenamiento_territorial_.pdf GUÍA ANÁLISIS DE RIESGOS NATURALES PARA EL ORDENAMIENTO TERRITORIAL Subsecretaría de Desarrollo Regional y Administrativo (SUBDERE) Primera Edición, Junio 2011]</ref>}}<br/><br/> | ||
==== [[Colombia]] ==== | ==== [[Colombia]] ==== | ||
− | {{definition|Riesgo:<br/>(1) Algo que podría suceder y afectar el logro de los objetivos organizacionales (GTC 176).<br/>(2) Efecto de la incertidumbre sobre los objetivos (GTC137 2011).<br/>(3) Posibilidad de que suceda algún evento que tendrá un impacto sobre los objetivos institucionales o del proceso. (Guía de Admón. de Riesgos DAFP Septiembre 2011). <ref>[https://www.policia.gov.co/glosario Glosario Policia Colombia]</ref>}}<br /><br/> | + | {{definition|Riesgo:<br/>(1) Algo que podría suceder y afectar el logro de los objetivos organizacionales (GTC 176).<br/>(2) Efecto de la incertidumbre sobre los objetivos (GTC137 2011).<br/>(3) Posibilidad de que suceda algún evento que tendrá un impacto sobre los objetivos institucionales o del proceso. (Guía de Admón. de Riesgos DAFP Septiembre 2011). <ref>[https://www.policia.gov.co/glosario Glosario Policia Colombia]</ref>}}<br/> |
+ | ====[[Costa Rica]]==== | ||
+ | {{definition|Riesgo: Medida del grado en el que una entidad se ve amenazada por una circunstancia o evento potencial y típicamente una función de los impactos adversos que surgirían si ocurriera la circunstancia o el evento; y la probabilidad de que ocurra. <ref>[https://micitt.go.cr/sites/default/files/2023-11/NCS%20Costa%20Rica%20-%2010Nov2023%20SPA.pdf Estrategia Nacional de Ciberseguridad de Costa Rica (2023-2027) ]</ref>}}<br/> | ||
==== [[Croatia]] ==== | ==== [[Croatia]] ==== | ||
{{definition|Rizik: znaĀi bilo koja razumno prepoznatljiva okolnost ili događaj koji ima potencijalan negativni uĀinak na sigurnost mrežnih i informacijskih sustava. <ref>[http://eur-lex.europa.eu/legal-content/HR/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - HR]</ref>}}<br/><br/> | {{definition|Rizik: znaĀi bilo koja razumno prepoznatljiva okolnost ili događaj koji ima potencijalan negativni uĀinak na sigurnost mrežnih i informacijskih sustava. <ref>[http://eur-lex.europa.eu/legal-content/HR/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - HR]</ref>}}<br/><br/> | ||
====[[Cuba]]==== | ====[[Cuba]]==== | ||
− | {{definition|Riesgo Posibilidad: de que una amenaza concreta pueda explotar una vulnerabilidad para causar una pérdida o daño en un activo de información. Suele considerarse como una combinación de la probabilidad de un evento y sus consecuencias. <ref>[http://www.cscuba.cu/es/glosario-de-terminos/A Glossary of Cyber terms/Glosario de términos, Centro de Seguridad del Ciberespacio]</ref>}}<br/> | + | {{definition|Riesgo Posibilidad: de que una amenaza concreta pueda explotar una vulnerabilidad para causar una pérdida o daño en un activo de información. Suele considerarse como una combinación de la probabilidad de un evento y sus consecuencias. <ref>[http://www.cscuba.cu/es/glosario-de-terminos/A Glossary of Cyber terms/Glosario de términos, Centro de Seguridad del Ciberespacio]</ref>}}<br/> |
+ | |||
==== [[Cyprus]] ==== | ==== [[Cyprus]] ==== | ||
{{definition|Κίνδυνος: κάθε εύλογα διαπιστώσιμη περίσταση ή γεγονός με δυνητική δυσμενή επίπτωση στην ασφάλεια συστημάτων δικτύου και πληροφοριών. <ref> [http://eur-lex.europa.eu/legal-content/EL/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union – EL]</ref>}}<br/><br/> | {{definition|Κίνδυνος: κάθε εύλογα διαπιστώσιμη περίσταση ή γεγονός με δυνητική δυσμενή επίπτωση στην ασφάλεια συστημάτων δικτύου και πληροφοριών. <ref> [http://eur-lex.europa.eu/legal-content/EL/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union – EL]</ref>}}<br/><br/> | ||
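Review bot: The Cuba line is touched without changing its text, so the misplaced colon in "Riesgo Posibilidad: de que una amenaza ..." remains; it should read "Riesgo: Posibilidad de que una amenaza ...". The new heading "====[[Costa Rica]]====" omits the spaces used by "==== [[Colombia]] ====" and "==== [[Croatia]] ====", and the Colombia and Costa Rica entries now end in a single break where neighbouring entries use two. The Croatian context line also shows mis-encoded characters ("znaĀi", "uĀinak") that are worth fixing in the same pass.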
Line 102: | Line 112: | ||
==== [[Denmark]] ==== | ==== [[Denmark]] ==== | ||
{{definition|Risiko: enhver rimeligt identificerbar omstændighed eller begivenhed, der har en potentiel negativ indvirkning på sikkerheden i net- og informationssystemer. <ref>[http://eur-lex.europa.eu/legal-content/DA/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - DA]</ref>}}<br/><br/> | {{definition|Risiko: enhver rimeligt identificerbar omstændighed eller begivenhed, der har en potentiel negativ indvirkning på sikkerheden i net- og informationssystemer. <ref>[http://eur-lex.europa.eu/legal-content/DA/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - DA]</ref>}}<br/><br/> | ||
− | {{definition|Risiko er en potentiel hændelse (såsom brand, sammenstyrtning og udslip) eller kombination af en potentiel hændelse og et objekt (såsom forsamlingslokale, beboelsesejendom, lagerhal, motorvej og festival), som kan føre til skader på personer, ejendom eller miljø. <ref>[HÅNDBOG I RISIKOBASERET DIMENSIONERING, Beredskabsstyrelsen, Denmark (2004)]</ref>}}<br /><br/> | + | {{definition|Risiko er en potentiel hændelse (såsom brand, sammenstyrtning og udslip) eller kombination af en potentiel hændelse og et objekt (såsom forsamlingslokale, beboelsesejendom, lagerhal, motorvej og festival), som kan føre til skader på personer, ejendom eller miljø. <ref>[https://brs.dk/da/nyheder-og-publikationer/publikationer2/alle-publikationer/2004/handbog-i-risikobaseret-dimensionering/ HÅNDBOG I RISIKOBASERET DIMENSIONERING, Beredskabsstyrelsen, Denmark (2004)]</ref>}}<br /><br/> |
+ | |||
==== [[El Salvador]] ==== | ==== [[El Salvador]] ==== | ||
{{definition|Riesgo: Es la probabilidad que se presente un nivel de consecuencias económicas, sociales o ambientales en un sitio particular y durante un período de tiempo definido. Se obtiene de relacionar la amenaza con la vulnerabilidad de los elementos expuestos. <ref>[http://www.marn.gob.sv/glosario-de-riesgo/ Glosario de Riesgo, Ministerio de Medio Ambiente y Recursos Naturales, El Salvador]</ref>}}<br/><br/> | {{definition|Riesgo: Es la probabilidad que se presente un nivel de consecuencias económicas, sociales o ambientales en un sitio particular y durante un período de tiempo definido. Se obtiene de relacionar la amenaza con la vulnerabilidad de los elementos expuestos. <ref>[http://www.marn.gob.sv/glosario-de-riesgo/ Glosario de Riesgo, Ministerio de Medio Ambiente y Recursos Naturales, El Salvador]</ref>}}<br/><br/> | ||
==== [[Estonia]] ==== | ==== [[Estonia]] ==== | ||
− | {{definition|Risk: mõistlikult tuvastatav asjaolu või sündmus, mis võib kahjustada võrgu- ja infosüsteemide turvalisust;. <ref> [http://eur-lex.europa.eu/legal-content/ET/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - ET]</ref> | + | {{definition|Risk: mõistlikult tuvastatav asjaolu või sündmus, mis võib kahjustada võrgu- ja infosüsteemide turvalisust;. <ref> [http://eur-lex.europa.eu/legal-content/ET/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - ET]</ref>}}<br/> |
+ | ====[[Eswatini]]==== | ||
+ | {{definition|Risk: The potential that a given cyber threat will exploit the vulnerabilities of an information system and cause [[harm]]. <ref>[https://ncsirt.org.sz/wp-content/uploads/2021/06/Eswatini-NCS-2020.pdf ESWATINI NATIONAL CYBERSECURITY STRATEGY 2020 - 2025 (2020)]</ref>}}<br/> | ||
+ | |||
====[[Finland]]==== | ====[[Finland]]==== | ||
{{definition|Riski: kielteisen seikan tai tapahtuman todennäköisyyden ja vaikutusten yhdistelmä.<br/><br/>Risk is the combination of probability and [[consequence|consequences]] of a negative circumstance or [[event]]. -''unofficial translation''- <ref name=TSK>[http://www.spek.fi/loader.aspx?id=1c66e01d-a75e-4a9a-80ec-9816340ce752 Vocabulary of Comprehensive Security. Helsinki (TSK 47) (2014)]</ref>}}<br /> | {{definition|Riski: kielteisen seikan tai tapahtuman todennäköisyyden ja vaikutusten yhdistelmä.<br/><br/>Risk is the combination of probability and [[consequence|consequences]] of a negative circumstance or [[event]]. -''unofficial translation''- <ref name=TSK>[http://www.spek.fi/loader.aspx?id=1c66e01d-a75e-4a9a-80ec-9816340ce752 Vocabulary of Comprehensive Security. Helsinki (TSK 47) (2014)]</ref>}}<br /> | ||
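Review bot: The Estonia line now closes its template correctly, but the definition still ends in "turvalisust;." with a stray semicolon before the full stop; drop the semicolon. The new heading "====[[Eswatini]]====" and the Estonia and Eswatini entries use the no-space heading form and a single trailing break, which differs from "==== [[Estonia]] ====" and the double break on the Denmark entries above.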
Line 113: | Line 127: | ||
==== [[France]] ==== | ==== [[France]] ==== | ||
{{definition|Risque: toute circonstance ou tout événement raisonnablement identifiable ayant un impact négatif potentiel sur la sécurité des réseaux et des systèmes d'information;. <ref>[http://eur-lex.europa.eu/legal-content/FR/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - FR]</ref>}}<br/><br/> | {{definition|Risque: toute circonstance ou tout événement raisonnablement identifiable ayant un impact négatif potentiel sur la sécurité des réseaux et des systèmes d'information;. <ref>[http://eur-lex.europa.eu/legal-content/FR/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - FR]</ref>}}<br/><br/> | ||
+ | ==== [[Gambia]] ==== | ||
+ | {{definition|Risk: Effect of uncertainty on objectives. <ref>[http://www.moici.gov.gm/sites/default/files/2019-09/20160726%20Gambia%20Strategy%20-%20Cybersecurity%20Strategy_final_with_Gambia_cover_page.pdf THE GAMBIA NATIONAL CYBERSECURITY STRATEGY (2019)]</ref>}}These Objectives can have different aspects (such as financial, health and safety, information security, andenvironmental goals) and can apply at different levels (such as strategic, organization-wide, project, product and process). Risk should becharacterized by reference to potential events and consequences, or a combination of these, and expressed in terms of a combination of the consequences of an information security event and the associated likelihood. <br /><br/> | ||
==== [[Germany]] ==== | ==== [[Germany]] ==== | ||
{{definition|Likelihood of a serious danger which (a) constitutes a threat to human life, (b) will impair the health of a large number of people, or (c) affects economic activity, public services and technical infrastructures and may cause [[damage]] to the environment, in particular animals and plants, the soil, the water, the atmosphere and cultural and material assets. <ref>[http://www.kritis.bund.de/SharedDocs/Downloads/Kritis/EN/Baseline%20Protection%20Concept.pdf Protection of Critical Infrastructures – Baseline Protection Concept: Recommendation for Companies, BMI.]</ref>}}<br /> | {{definition|Likelihood of a serious danger which (a) constitutes a threat to human life, (b) will impair the health of a large number of people, or (c) affects economic activity, public services and technical infrastructures and may cause [[damage]] to the environment, in particular animals and plants, the soil, the water, the atmosphere and cultural and material assets. <ref>[http://www.kritis.bund.de/SharedDocs/Downloads/Kritis/EN/Baseline%20Protection%20Concept.pdf Protection of Critical Infrastructures – Baseline Protection Concept: Recommendation for Companies, BMI.]</ref>}}<br /> | ||
{{definition|Risiko: alle mit vernünftigem Aufwand feststellbaren Umstände oder Ereignisse, die potenziell nachteilige Auswirkungen auf die Sicherheit von Netz- und Informationssystemen haben. <ref>[http://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - DE]</ref>}}<br/> | {{definition|Risiko: alle mit vernünftigem Aufwand feststellbaren Umstände oder Ereignisse, die potenziell nachteilige Auswirkungen auf die Sicherheit von Netz- und Informationssystemen haben. <ref>[http://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - DE]</ref>}}<br/> | ||
{{definition|Risiko: Maß für die Wahrscheinlichkeit des Eintritts eines bestimmten [[Damage|Schadens]] an einem Schutzgut unter Berücksichtigung des potenziellen Schadensausmaßes. <ref>[http://www.bbk.bund.de/DE/Servicefunktionen/Glossar/_function/glossar.html Glossar BBK]</ref>}}<br /> | {{definition|Risiko: Maß für die Wahrscheinlichkeit des Eintritts eines bestimmten [[Damage|Schadens]] an einem Schutzgut unter Berücksichtigung des potenziellen Schadensausmaßes. <ref>[http://www.bbk.bund.de/DE/Servicefunktionen/Glossar/_function/glossar.html Glossar BBK]</ref>}}<br /> | ||
− | {{definition|Risiko ist ein mögliches Event, das zu einem Schaden oder Verlust führen oder das Erreichen von Zielen beeinträchtigen könnte. <ref>[https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Hochverfuegbarkeit/BandAH/AH6_Glossar.pdf BSI Glossary]</ref>}} <br /><br/> | + | {{definition|Risiko ist ein mögliches Event, das zu einem Schaden oder Verlust führen oder das Erreichen von Zielen beeinträchtigen könnte. <ref>[https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Hochverfuegbarkeit/BandAH/AH6_Glossar.pdf BSI Glossary]</ref>}} <br /> |
+ | {{definition|Risiko wird häufig definiert als die Kombination (also dem Produkt) aus der Häufigkeit, mit der ein Schaden auftritt und dem Ausmaß dieses Schadens. Der Schaden wird häufig als Differenz zwischen einem geplanten und ungeplanten Ergebnis dargestellt. Risiko ist eine spezielle Form der Unsicherheit oder besser Unwägbarkeit. <ref>[https://www.bsi.bund.de/DE/Themen/Cyber-Sicherheit/Empfehlungen/cyberglossar/Functions/glossar.html?cms_lv2=9817306 BSI Glossary]</ref>}} <br /><br/> | ||
==== [[Greece]] ==== | ==== [[Greece]] ==== | ||
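Review bot: The definition added under Germany reuses the reference label "BSI Glossary" that the preceding BSI entry already carries, although the two links go to different documents (AH6_Glossar.pdf and the cyberglossar page), so the two footnotes will be indistinguishable in the reference list. Give the new reference a distinguishing title, for example one that names the cyber glossary.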
Line 124: | Line 141: | ||
==== [[Guatemala]] ==== | ==== [[Guatemala]] ==== | ||
+ | {{definition|Riesgo: El riesgo está asociado con el potencial que las amenazas explotarán vulnerabilidades de un activo de información o grupo de activos de información causando daños a una organización. Fuente: ISO Guide 73:2009 <ref>[http://mingob.gob.gt/wp-content/uploads/2018/06/version-digital.pdf La Estrategia Nacional de Seguridad Cibernética (June 2018)]</ref>}}<br /> | ||
+ | |||
{{definition|Riesgo: Probabilidad de la presencia o manifestación de evento natural o antropogénico, de orden político, económico, social, sanitario o ambiental que afecte negativamente la Seguridad de la Nación, provocando pérdidas físicas, socioeconómicas y ambientales como efecto de la sinergia o complementariedad de una amenaza y una vulnerabilidad. <ref>[http://stcns.gob.gt/docs/2016/Plan_Estrategico/PESN%202016-2020.pdf Plan Estratégico de Seguridad de la Nación 2016-2020, Guatemala]</ref>}}<br/><br/> | {{definition|Riesgo: Probabilidad de la presencia o manifestación de evento natural o antropogénico, de orden político, económico, social, sanitario o ambiental que afecte negativamente la Seguridad de la Nación, provocando pérdidas físicas, socioeconómicas y ambientales como efecto de la sinergia o complementariedad de una amenaza y una vulnerabilidad. <ref>[http://stcns.gob.gt/docs/2016/Plan_Estrategico/PESN%202016-2020.pdf Plan Estratégico de Seguridad de la Nación 2016-2020, Guatemala]</ref>}}<br/><br/> | ||
+ | |||
+ | ====[[Haiti]]==== | ||
+ | {{definition|Risque: probabilité d'occurrence d'un événement avec des conséquences négatives potentielles qui peuvent affecter les biens ou les intérêts de la nation. <ref>[http://www.md.gouv.ht/Livre_Blanc.pdf LIVRE BLANC SUR LA SÉCURITÉ ET LA DÉFENSE NATIONALE POUR LE DÉVELOPPEMENT ÉCONOMIQUE ET SOCIAL DURABLE D’HAÏTI, Juin 2015]</ref>}}Généralement, c’est un incertain et difficile à résoudre et de nature complexe, et ayant parfois dans certains cas des causes multiples qui mettent éventuellement en danger l'intégrité d'un pays dans un ou plusieurs aspects de la vie nationale. <br /><br/> | ||
==== [[Hungary]] ==== | ==== [[Hungary]] ==== | ||
{{definition|Kockázat: minden olyan észszerűen azonosítható körülmény vagy esemény, amely kedvezőtlen hatást gyakorolhat a hálózati és információs rendszerek biztonságára. <ref>[http://eur-lex.europa.eu/legal-content/HU/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - HU ]</ref>}}<br/><br/> | {{definition|Kockázat: minden olyan észszerűen azonosítható körülmény vagy esemény, amely kedvezőtlen hatást gyakorolhat a hálózati és információs rendszerek biztonságára. <ref>[http://eur-lex.europa.eu/legal-content/HU/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - HU ]</ref>}}<br/><br/> | ||
====[[India]]==== | ====[[India]]==== | ||
− | {{definition|Risk is the potential of [[damage]] to a system or associated [[Asset|assets]] that exists as a result of the combination of security [[threat]] and [[vulnerability]]. <ref>[http://www.dgqadefence.gov.in/documents/pdf/cyber-security-policy-dgqa-2015.pdf India's DGQA Cyber Security Policy (2015)] </ref>}}<br /><br/> | + | {{definition|Risk is the potential of [[damage]] to a system or associated [[Asset|assets]] that exists as a result of the combination of security [[threat]] and [[vulnerability]]. <ref>[http://www.dgqadefence.gov.in/documents/pdf/cyber-security-policy-dgqa-2015.pdf India's DGQA Cyber Security Policy (2015)] </ref>}}<br /> |
+ | {{definition|Risk: The combination of the probability of an event and its negative consequences. <ref>[https://ndma.gov.in/images/policyplan/dmplan/National%20Disaster%20Management%20Plan%20May%202016.pdf National Disaster Management Plan (NDMP)- (2016)]</ref>}}<br/><br/> | ||
+ | |||
==== [[Ireland]] ==== | ==== [[Ireland]] ==== | ||
{{definition|Risk is the combination of the likelihood of a hazardous [[event]] and its potential [[impact]]. <ref>[http://www.justice.ie/en/JELR/Appendices2D.pdf/Files/Appendices2D.pdf A FRAMEWORK FOR MAJOR EMERGENCY MANAGEMENT (APPENDICES)]</ref>}} <br /> | {{definition|Risk is the combination of the likelihood of a hazardous [[event]] and its potential [[impact]]. <ref>[http://www.justice.ie/en/JELR/Appendices2D.pdf/Files/Appendices2D.pdf A FRAMEWORK FOR MAJOR EMERGENCY MANAGEMENT (APPENDICES)]</ref>}} <br /> | ||
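Review bot: In the new Haiti entry the sentence beginning "Généralement, c'est un incertain et difficile à résoudre" sits after the closing "}}", so it renders outside the definition box and after the footnote marker, and it appears to be missing a noun after "un". Check it against the Livre Blanc and move it inside the template before the "<ref>", or drop it if it is not part of the cited definition. The new Guatemala entry handles its source differently again, with "Fuente: ISO Guide 73:2009" written into the definition text itself.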
Line 141: | Line 165: | ||
==== [[Japan]] ==== | ==== [[Japan]] ==== | ||
− | {{definition|リスク: 特定の脅威が特定の脆弱性を攻略し、特定の有害な結果をもたらす確率として表明される損失の期待値. <br/><br/>(Cyber) Risk is an expectation of loss expressed as the probability that a articular threat will exploit a particular vulnerability with a articular harmful result. <ref>[http://www.ipa.go.jp/security/rfc/RFC2828EN.html RFC2828 (Japanese translation)] </ref>}}<br/><br/> | + | {{definition|リスク: 特定の脅威が特定の脆弱性を攻略し、特定の有害な結果をもたらす確率として表明される損失の期待値. <br/><br/>(Cyber) Risk is an expectation of loss expressed as the probability that a articular threat will exploit a particular vulnerability with a articular harmful result. <ref>[http://www.ipa.go.jp/security/rfc/RFC2828EN.html RFC2828 (Japanese translation)] </ref>}}<br/> |
+ | {{definition|リスク : 発生しうる状況またはイベントによって、あるものが脅かされる程度 の尺度であり、通常、<br/>(i) 当該の状況またはイベントが発生した場合 にもたらされると考えられる悪影響と、<br/>(ii) 発生の可能性との計算式 (関数)によって求められる。 <ref>[https://www.ipa.go.jp/files/000038957.pdf 重要インフラのサイバーセキュリティを 向上させるためのフレームワーク (2014)]</ref><br/><br/>Risk: A measure of the extent to which things are threatened, depending on the circumstances or [[Event|events]] that can occur, and usually is: <br/>(i) the adverse effects that are likely to result if the situation or event occurred, <br/> (ii) the probability of occurrence.}}<br/> | ||
+ | |||
==== (States of) [[Jersey]] ==== | ==== (States of) [[Jersey]] ==== | ||
{{definition|Risk: the combination of the probability of an event and its negative consequences. <ref>[https://www.gov.je/sitecollectiondocuments/government%20and%20administration/r%20tcpa%20future%20proofing%20jersey%20phase%201%20report%20final%2023.06.2015.pdf States of Jersey Future-proofing Jersey: Building Resilience for the 21st Century (2015)]</ref>}}<br /><br/> | {{definition|Risk: the combination of the probability of an event and its negative consequences. <ref>[https://www.gov.je/sitecollectiondocuments/government%20and%20administration/r%20tcpa%20future%20proofing%20jersey%20phase%201%20report%20final%2023.06.2015.pdf States of Jersey Future-proofing Jersey: Building Resilience for the 21st Century (2015)]</ref>}}<br /><br/> | ||
+ | ==== [[Kingdom of Saudi Arabia]]==== | ||
+ | {{definition|Risk: A measure of the extent to which an organization is threatened by a potential circumstance or event, and typically a function of: (i) the adverse impacts that would arise if the circumstance or event occurs; and (ii) the likelihood of occurrence. <ref>[http://www.sama.gov.sa/en-US/Laws/BankingRules/SAMA%20Cyber%20Security%20Framework.pdf Saudi Arabian Monetary Authority (2017)]</ref> }}(NISTIR 7298r2 Glossary of Key Information Security Terms) <br/><br/> | ||
+ | |||
==== [[Kiribati]] ==== | ==== [[Kiribati]] ==== | ||
− | {{definition|Kanganga: Baika a kona n riki imwiin ana mwakuri te angbuaka n te aro are e kona n iai ana urubwai ke akeaBaika aika a kona n riki ae kona n iai ana urubai nakon baai ke akea. <ref>[http://www.president.gov.ki/wp-content/uploads/2014/08/KAPII-Bi-Lingual-Glossary-CLIMATE-CHANGE-TERMS.pdf Kiribati BI-LINGUAL GLOSSARY OF CLIMATE CHANGE TERMS, Original translations by Dr Temakei Tebano & Etita Teiabauri, 2008]</ref><br/><br/>Risk: The chance of something happening that will have a negative or positive impact on goals.}}<br/> | + | {{definition|Kanganga: Baika a kona n riki imwiin ana mwakuri te angbuaka n te aro are e kona n iai ana urubwai ke akeaBaika aika a kona n riki ae kona n iai ana urubai nakon baai ke akea. <ref>[http://www.president.gov.ki/wp-content/uploads/2014/08/KAPII-Bi-Lingual-Glossary-CLIMATE-CHANGE-TERMS.pdf Kiribati BI-LINGUAL GLOSSARY OF CLIMATE CHANGE TERMS, Original translations by Dr Temakei Tebano & Etita Teiabauri, 2008]</ref><br/><br/>Risk: The chance of something happening that will have a negative or positive impact on goals.}}<br/> |
− | |||
==== [[Latvia]] ==== | ==== [[Latvia]] ==== | ||
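Review bot: In the Kingdom of Saudi Arabia entry the attribution "(NISTIR 7298r2 Glossary of Key Information Security Terms)" is placed after the closing "}}", so it renders as loose text outside the definition and apart from its footnote; move it inside the template or into the "<ref>". The Japan line touched in this hunk still reads "a articular threat" and "a articular harmful result", which could be corrected to "particular" in the same edit, and the English rendering added to the second Japan definition follows the "<ref>", which leaves it without a source marker of its own.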
Line 153: | Line 181: | ||
{{definition|Rizika – pagrĢstai nustatoma aplinkybĊ ar Ģvykis, galintis turĊti neigiamą poveikĢ tinklų ir informacinių sistemų saugumui. <ref>[http://eur-lex.europa.eu/legal-content/LT/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - LT]</ref>}}<br/><br/> | {{definition|Rizika – pagrĢstai nustatoma aplinkybĊ ar Ģvykis, galintis turĊti neigiamą poveikĢ tinklų ir informacinių sistemų saugumui. <ref>[http://eur-lex.europa.eu/legal-content/LT/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - LT]</ref>}}<br/><br/> | ||
==== [[Luxembourg]] ==== | ==== [[Luxembourg]] ==== | ||
− | {{definition|Risque: toute circonstance ou tout événement raisonnablement identifiable ayant un impact négatif potentiel sur la sécurité des réseaux et des systèmes d'information | + | {{definition|Risque: toute circonstance ou tout événement raisonnablement identifiable ayant un impact négatif potentiel sur la sécurité des réseaux et des systèmes d'information. <ref>[http://eur-lex.europa.eu/legal-content/FR/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - FR]</ref>}}<br/> |
+ | {{definition|Risque: Effet de l’incertitude sur l’atteinte des objectifs. <ref>[https://cybersecurite.public.lu/fr/glossaire.html Glossaire]</ref>}}<br/><br/> | ||
+ | |||
==== [[Malta]] ==== | ==== [[Malta]] ==== | ||
{{definition|Riskju: tfisser kwalunkwe ċirkostanza jew avveniment raġonevolment identifikabbli li jista' jkollu effett negattiv fuq is-sigurtà tan-netwerks u tas-sistemi tal-informazzjoni. <ref>[http://eur-lex.europa.eu/legal-content/MT/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - MT]</ref>}}<br/><br/> | {{definition|Riskju: tfisser kwalunkwe ċirkostanza jew avveniment raġonevolment identifikabbli li jista' jkollu effett negattiv fuq is-sigurtà tan-netwerks u tas-sistemi tal-informazzjoni. <ref>[http://eur-lex.europa.eu/legal-content/MT/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - MT]</ref>}}<br/><br/> | ||
==== [[Mexico]] ==== | ==== [[Mexico]] ==== | ||
− | {{definition|Riesgo: Situación que puede conducir a una consecuencia negativa no deseada. <ref>[http://tramites.semarnat.gob.mx/Doctos/DGIRA/Guia/MIAParticularRiesgo/GuiasEstudioRiesgo/g_vias_generales.pdf GUÍA PARA LA PRESENTACIÓN DEL ESTUDIO DE RIESGO MODALIDAD ANALISIS DE RIESGO, Mexico] </ref>}}<br /><br /> | + | {{definition|Riesgo: Situación que puede conducir a una consecuencia negativa no deseada. <ref>[http://tramites.semarnat.gob.mx/Doctos/DGIRA/Guia/MIAParticularRiesgo/GuiasEstudioRiesgo/g_vias_generales.pdf GUÍA PARA LA PRESENTACIÓN DEL ESTUDIO DE RIESGO MODALIDAD ANALISIS DE RIESGO, Mexico] </ref>}}<br/> |
+ | |||
+ | {{definition|Riesgo: La posibilidad de que una amenaza aproveche una vulnerabilidad y cause una pérdida o daño sobre los activos de TIC, las infraestructuras críticas o los activos de información. <ref>[https://www.gob.mx/cms/uploads/attachment/file/271884/Estrategia_Nacional_Ciberseguridad.pdf Estragia Nacional de Ciberseguridad (November 2017)]</ref>}}<br/><br/> | ||
+ | |||
==== [[Nepal]] ==== | ==== [[Nepal]] ==== | ||
{{definition|Risk: The combination of the probability of an event and its negative consequences. <ref>[http://ppcr.moste.gov.np/wp-content/uploads/2015/02/Training-Manual-Final-26-January-2015-sohan.pdf Climate Change and Community Based Adaptation Planning Training Manual, Government of Nepal (2015)]</ref>}}<br/><br/> | {{definition|Risk: The combination of the probability of an event and its negative consequences. <ref>[http://ppcr.moste.gov.np/wp-content/uploads/2015/02/Training-Manual-Final-26-January-2015-sohan.pdf Climate Change and Community Based Adaptation Planning Training Manual, Government of Nepal (2015)]</ref>}}<br/><br/> | ||
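Review bot: The reference title in the added Mexico definition reads "Estragia Nacional de Ciberseguridad", while the linked file is named Estrategia_Nacional_Ciberseguridad.pdf; correct the title to "Estrategia". The new Luxembourg reference is titled only "Glossaire", which does not identify the publisher once it appears in the reference list; naming the site (cybersecurite.public.lu) would help.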
Line 164: | Line 197: | ||
{{definition|Risk is the annual loss expectancy (ALE) by the manifestation of [[threat|threats]].<br/><br/>Risico is de jaarlijks te verwachten schade door het manifesteren van bedreigingen. <ref>[http://www.pblq.nl/media/63123/HEC%20Zakboekje%20preventie%20cybercrime.pdf Zakboekje Preventie Cybercrime (2008)]</ref>}}<br /> | {{definition|Risk is the annual loss expectancy (ALE) by the manifestation of [[threat|threats]].<br/><br/>Risico is de jaarlijks te verwachten schade door het manifesteren van bedreigingen. <ref>[http://www.pblq.nl/media/63123/HEC%20Zakboekje%20preventie%20cybercrime.pdf Zakboekje Preventie Cybercrime (2008)]</ref>}}<br /> | ||
{{definition|Risico: elke redelijkerwijs vast te stellen omstandigheid of gebeurtenis met een mogelijk schadelijk effect op de beveiliging van netwerk- en informatiesystemen. <ref>[http://eur-lex.europa.eu/legal-content/NL/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - NL]</ref>}}<br/>{{definition|[Dutch] Risico: De vermenigvuldiging van de kans op het ontstaan van brand en het effect daarvan. <ref>[https://www.brandweer.nl/publish/pages/risico_beoordeling_16_0_bhm_2015.pdf Risicobeoordeling 16.0: Een kansrijk kader; Theorie achter het risicomanagementproces en leidraad voor risicobeoordeling, June 2015]</ref>}}<br /> | {{definition|Risico: elke redelijkerwijs vast te stellen omstandigheid of gebeurtenis met een mogelijk schadelijk effect op de beveiliging van netwerk- en informatiesystemen. <ref>[http://eur-lex.europa.eu/legal-content/NL/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - NL]</ref>}}<br/>{{definition|[Dutch] Risico: De vermenigvuldiging van de kans op het ontstaan van brand en het effect daarvan. <ref>[https://www.brandweer.nl/publish/pages/risico_beoordeling_16_0_bhm_2015.pdf Risicobeoordeling 16.0: Een kansrijk kader; Theorie achter het risicomanagementproces en leidraad voor risicobeoordeling, June 2015]</ref>}}<br /> | ||
+ | |||
+ | {{definition|[HEALTH sector]<br/>Risico: Een functie van de mogelijkheid op een ongewenst effect en de grootte van dat effect, voortvloeiend uit geva(a)r(en).<br/><br/>Risk: a function of the probability of an adverse effect and the magnitude of that [[effect]], consequential to [[Hazard|hazard(s)]]. <ref>[https://www.medischcontact.nl/web/file?uuid=56770c4f-4440-4b02-b568-177eb7b1ab9f&owner=1e836119-cfd1-4e33-a731-da3efbb2a701&contentid=23865 Patiëntveiligheid Definitielijst (2005)]</ref>}}<br/><br /> | ||
==== [[Norway]] ==== | ==== [[Norway]] ==== | ||
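Review bot: The added Netherlands entry opens with "[HEALTH sector]" on its own line, while the entry just above it uses an inline "[Dutch]" tag, and it gives Dutch first and English second where the ALE entry gives English first. Pick one tag style and one language order for the country so the definitions read consistently.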
Line 171: | Line 206: | ||
==== [[Poland]] ==== | ==== [[Poland]] ==== | ||
+ | {{definition|Ryzyko – kombinacja [[Probability|prawdopodobieństwa]] wystąpienia zdarzenia niepożądanego i jego [[Consequence|konsekwencji]]. <ref name=Poland>[http://bip.kprm.gov.pl/download/75/30991/RM-10-64-18.pdf U S TAWA z dnia o krajowym systemie cyberbezpieczeństwa / Polish (draft) law on the national cybersecurity system (2018)]</ref>}}<br /> | ||
+ | |||
{{definition|Ryzyko: oznacza każdą dającą się racjonalnie określić okoliczność lub zdarzenie, które ma potencjalny niekorzystny wpływ na bezpieczeństwo sieci i systemów informatycz nych. <ref>[http://eur-lex.europa.eu/legal-content/PL/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - PL]</ref> <ref>[https://mc.gov.pl/files/strategia_cyberbezpieczenstwa_rzeczypospolitej_polskiej_na_lata_2017_-_2022.pdf Strategia Cyberbezpieczeństwa Rzeczypospolitej Polskiej na lata 2017-2022]</ref>}}<br/><br/> | {{definition|Ryzyko: oznacza każdą dającą się racjonalnie określić okoliczność lub zdarzenie, które ma potencjalny niekorzystny wpływ na bezpieczeństwo sieci i systemów informatycz nych. <ref>[http://eur-lex.europa.eu/legal-content/PL/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - PL]</ref> <ref>[https://mc.gov.pl/files/strategia_cyberbezpieczenstwa_rzeczypospolitej_polskiej_na_lata_2017_-_2022.pdf Strategia Cyberbezpieczeństwa Rzeczypospolitej Polskiej na lata 2017-2022]</ref>}}<br/><br/> | ||
==== [[Portugal]] ==== | ==== [[Portugal]] ==== | ||
− | {{definition|Risco | + | {{definition|Risco: uma circunstância ou um evento, razoavelmente identificáveis, com um efeito adverso potencial na segurança das redes e dos sistemas de informação. <ref>[http://eur-lex.europa.eu/legal-content/PT/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - PT]</ref>}}<br/><br/> |
{{definition|Risco: Possibilidade de uma ameaça específica explorar as vulnerabilidades internas e externas de uma organização ou de um dos sistemas por ela utilizados, causando assim danos à organização e respetivos ativos corpóreos ou incorpóreos. <ref>Decisão do Conselho n.º 2013/488/EU, de 23 de setembro de 2013, relativa às regras de segurança aplicáveis à proteção das informações classificadas da UE</ref>}}<br/><br/> | {{definition|Risco: Possibilidade de uma ameaça específica explorar as vulnerabilidades internas e externas de uma organização ou de um dos sistemas por ela utilizados, causando assim danos à organização e respetivos ativos corpóreos ou incorpóreos. <ref>Decisão do Conselho n.º 2013/488/EU, de 23 de setembro de 2013, relativa às regras de segurança aplicáveis à proteção das informações classificadas da UE</ref>}}<br/><br/> | ||
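Review bot: The reference title in the added Poland definition begins "U S TAWA z dnia o krajowym systemie cyberbezpieczeństwa", with the first word split by spaces; write it as one word. The reference is also given name=Poland, but nothing visible in this hunk reuses it, and the name is too generic to tell apart from the other Polish sources cited in the next entry; a name tied to the document would be safer.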
Line 181: | Line 218: | ||
==== [[Romania]] ==== | ==== [[Romania]] ==== | ||
{{definition|Risc: înseamnă orice circumstanță sau eveniment ce poate fi identificat în mod rezonabil care are un efect potențial negativ asupra securității rețelelor și a sistemelor informatice. <ref>[http://eur-lex.europa.eu/legal-content/RO/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - RO]</ref>}}<br/> | {{definition|Risc: înseamnă orice circumstanță sau eveniment ce poate fi identificat în mod rezonabil care are un efect potențial negativ asupra securității rețelelor și a sistemelor informatice. <ref>[http://eur-lex.europa.eu/legal-content/RO/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - RO]</ref>}}<br/> | ||
− | {{definition|Risc: Estimarea matematică a pierderilor umane şi materiale, pe o perioadă de referinţă şi într-o zonă dată, cauzate de un dezastru; probabilitatea de a avea de înfruntat un pericol, un necaz, de a ajunge într-o primejdie sau de a avea de înfruntat sau de suportat o pagubă; potenţial pericol. <ref>[http://www.editura.mai.gov.ro/documente/biblioteca/2006/Glosar%20de%20termeni%20din%20domeniul%20ordinii%20publice/GLOSAR%20OP.pdf GLOSAR de termeni din domeniul ordinii şi siguranţei publice, MINISTERUL ADMINISTRAŢIEI ŞI INTERNELOR DIRECŢIA GENERALĂ ORGANIZARE, PLANIFICARE MISIUNI ŞI RESURSE]</ref>}}<br/><br/> | + | {{definition|Risc: Estimarea matematică a pierderilor umane şi materiale, pe o perioadă de referinţă şi într-o zonă dată, cauzate de un dezastru; probabilitatea de a avea de înfruntat un pericol, un necaz, de a ajunge într-o primejdie sau de a avea de înfruntat sau de suportat o pagubă; potenţial pericol. <ref>[http://www.editura.mai.gov.ro/documente/biblioteca/2006/Glosar%20de%20termeni%20din%20domeniul%20ordinii%20publice/GLOSAR%20OP.pdf GLOSAR de termeni din domeniul ordinii şi siguranţei publice, MINISTERUL ADMINISTRAŢIEI ŞI INTERNELOR DIRECŢIA GENERALĂ ORGANIZARE, PLANIFICARE MISIUNI ŞI RESURSE]</ref>}}<br/> |
+ | {{definition|Risc (în sens larg): posibilitatea de a se expune primejdiei, de a avea de înfruntat un necaz sau de suportat o pagubă. <br/><br/>Risc (în sens restrâns): probabilitatea şi proporţiile unor pagube potenţiale <ref>[http://www.europhras.org/Site/anderedokumente/GMLGR5L_6_12_07.pdf GLOSSAIRE MULTILINGUE DE LA GESTION DU RISQUE pour usagers francophones (2007)]</ref>}}<br/><br/> | ||
+ | |||
==== [[Saint Lucia]] ==== | ==== [[Saint Lucia]] ==== | ||
{{definition|Risk: The probability of harmful consequences, or expected losses (deaths, injuries, property, livelihoods, economic activity disrupted or environment damaged) resulting from interactions between natural or human-induced hazards and vulnerable conditions. <ref>[http://www.nemo.gov.lc/DRRProfile.pdf Disaster Risk Reduction Country Profile for Saint Lucia: August 2012]</ref>}}<br/> | {{definition|Risk: The probability of harmful consequences, or expected losses (deaths, injuries, property, livelihoods, economic activity disrupted or environment damaged) resulting from interactions between natural or human-induced hazards and vulnerable conditions. <ref>[http://www.nemo.gov.lc/DRRProfile.pdf Disaster Risk Reduction Country Profile for Saint Lucia: August 2012]</ref>}}<br/> | ||
{{definition|Risk: A measure of the expected losses due to a hazard event of a particular magnitude occurring in a given area over a specific time period. <ref>[http://archive.stlucia.gov.lc/nemp/policies/DMPolicyFramework.pdf Government of Saint Lucia Disaster Management Policy Framework for Saint Lucia, 2004]</ref>}}<br/><br /> | {{definition|Risk: A measure of the expected losses due to a hazard event of a particular magnitude occurring in a given area over a specific time period. <ref>[http://archive.stlucia.gov.lc/nemp/policies/DMPolicyFramework.pdf Government of Saint Lucia Disaster Management Policy Framework for Saint Lucia, 2004]</ref>}}<br/><br /> | ||
+ | ==== [[Senegal]] ==== | ||
+ | {{definition|Risques: sont les conséquences d'une atteinte aux données, sans atteinte au système d'information et/ou les conséquences d'une atteinte au système d'information. <ref>[http://www.numerique.gouv.sn/sites/default/files/SNC2022-vf.pdf STRATÉGIE NATIONALE DE CYBERSÉCURITÉ DU SÉNÉGAL (SNC2022)]</ref>}}<br/><br /> | ||
+ | ==== [[Serbia]] ==== | ||
+ | {{definition|ризик значи могућност нарушавања информационе безбедности, односно могућност нарушавања тајности, интегритета, расположивости, аутентичности или непорецивости података или нарушавања исправног. <ref>[http://www.parlament.gov.rs/upload/archive/files/cir/pdf/predlozi_zakona/3515-15.pdf ЗАКОН О ИНФОРМАЦИОНОЈ БЕЗБЕДНОСТИ (Law on Information Security), Serbia]</ref>}}<br><br> | ||
====[[Singapore]] ==== | ====[[Singapore]] ==== | ||
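Review bot: The added Serbia definition stops mid-phrase at "или нарушавања исправног.", with the adjective left without its noun, so the quotation looks cut off; complete it from the cited law. The same line closes with "<br><br>" where the other entries use the self-closing form, and the new Romania entry has no full stop before its "<ref>".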
Line 195: | Line 238: | ||
==== [[Slovenia]] ==== | ==== [[Slovenia]] ==== | ||
{{definition|Tveganje: pomeni vsako razumno doloĀljivo okoliŐĀino ali dogodek, ki ima lahko negativen uĀinek na varnost omreŬja in informacijskih sistemov. <ref>[http://eur-lex.europa.eu/legal-content/SL/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - SL]</ref>}}<br/><br/> | {{definition|Tveganje: pomeni vsako razumno doloĀljivo okoliŐĀino ali dogodek, ki ima lahko negativen uĀinek na varnost omreŬja in informacijskih sistemov. <ref>[http://eur-lex.europa.eu/legal-content/SL/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - SL]</ref>}}<br/><br/> | ||
+ | ==== [[South Africa]] ==== | ||
+ | {{definition|Risk is usually associated with the human inability to cope with a particular situation. In terms of disaster management it can be defined as the [[probability]] of harmful [[Consequence|consequences]], or expected losses death, injury, damage to property and the environment, jobs, disruption of economic activity or social systems. <ref>[https://www.westerncape.gov.za/general-publication/disaster-management-definitions Disaster Management Definitions Western Cape Government]</ref>}}[[Hazard|Hazards]] will affect communities differently in terms of ability and resources with which to cope. Poorer communities will be more at risk than others.<br/><br/> | ||
==== [[Spain]] ==== | ==== [[Spain]] ==== | ||
{{definition|Riesgo: toda circunstancia o hecho razonablemente identificable que tenga un posible efecto adverso en la seguridad de las redes y sistemas de información. <ref>[http://eur-lex.europa.eu/legal-content/ES/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - ES]</ref>}}<br/> | {{definition|Riesgo: toda circunstancia o hecho razonablemente identificable que tenga un posible efecto adverso en la seguridad de las redes y sistemas de información. <ref>[http://eur-lex.europa.eu/legal-content/ES/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - ES]</ref>}}<br/> | ||
{{definition|Riesgo (peligro): Factor o exposición que puede influir sobre la salud de forma adversa. <ref>[http://www.mapama.gob.es/es/cambio-climatico/temas/impactos-vulnerabilidad-y-adaptacion/anexo2_glosario_2_tcm7-12437.pdf Glosario Mapama, government Spain]</ref>}}<br /> | {{definition|Riesgo (peligro): Factor o exposición que puede influir sobre la salud de forma adversa. <ref>[http://www.mapama.gob.es/es/cambio-climatico/temas/impactos-vulnerabilidad-y-adaptacion/anexo2_glosario_2_tcm7-12437.pdf Glosario Mapama, government Spain]</ref>}}<br /> | ||
− | {{definition|Riesgo (probabilidad): Probabilidad de que ocurra un hecho, por ejemplo, que in individuo enferme o fallezca, dentro de un periodo de tiempo o edad determinados. <ref>[http://www.mapama.gob.es/es/cambio-climatico/temas/impactos-vulnerabilidad-y-adaptacion/anexo2_glosario_2_tcm7-12437.pdf Glosario Mapama, government Spain]</ref>}}<br /><br/> | + | {{definition|Riesgo (probabilidad): Probabilidad de que ocurra un hecho, por ejemplo, que in individuo enferme o fallezca, dentro de un periodo de tiempo o edad determinados. <ref>[http://www.mapama.gob.es/es/cambio-climatico/temas/impactos-vulnerabilidad-y-adaptacion/anexo2_glosario_2_tcm7-12437.pdf Glosario Mapama, government Spain]</ref>}}<br /> |
+ | {{definition|Riesgo: contingencia o proximidad de un daño. <ref>[http://www.europhras.org/Site/anderedokumente/GMLGR5L_6_12_07.pdf GLOSSAIRE MULTILINGUE DE LA GESTION DU RISQUE pour usagers francophones (2007)/Real Academia Española]</ref>}}<br/> | ||
==== [[Sweden]] ==== | ==== [[Sweden]] ==== | ||
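Review bot: In the added South Africa entry the two sentences starting "Hazards will affect communities differently" come after the closing "}}" and so fall outside the definition box, although they read as part of the quoted source; move them inside the template, before the "<ref>". The list in "expected losses death, injury, damage to property" also lacks punctuation after "losses". In the Spain entries the trailing double break was cut to a single one and the new last definition also ends with a single "<br/>", so the spacing before the Sweden heading no longer matches the other countries.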
Line 214: | Line 260: | ||
{{definition|Risk: is the probability of harmful consequences or expected losses (deaths, injuries, property, livelihoods, economic activity disrupted or environment damaged) resulting from interactions between natural or human-induced hazards and vulnerable conditions. <ref>[http://www.vpo.go.tz/modules/environment/index.php%3Faction%3Ddownloadfile%26filename%3DGUIDELINES%2520FOR%2520MANAGEMENT%2520OF%2520ENVIRONMENTAL%2520EMERGENCIES.pdf%26directory%3D7.Guidelines United Republic of Tanzania Guidelines for Management of Environmental Emergencies 2014]</ref>}}<br/><br /> | {{definition|Risk: is the probability of harmful consequences or expected losses (deaths, injuries, property, livelihoods, economic activity disrupted or environment damaged) resulting from interactions between natural or human-induced hazards and vulnerable conditions. <ref>[http://www.vpo.go.tz/modules/environment/index.php%3Faction%3Ddownloadfile%26filename%3DGUIDELINES%2520FOR%2520MANAGEMENT%2520OF%2520ENVIRONMENTAL%2520EMERGENCIES.pdf%26directory%3D7.Guidelines United Republic of Tanzania Guidelines for Management of Environmental Emergencies 2014]</ref>}}<br/><br /> | ||
− | ==== [[ | + | ==== [[Türkiye]]==== |
{{definition|[[Threat|Tehditlerin]] bir veya birden çok bilgi varlığındaki açıklığı kullanarak zarar yaratma potansiyelini. <ref>[http://www.udhb.gov.tr/doc/siberg/2016-2019guvenlik.pdf 2016-2019 UlUSAL SİBER GÜVENLİk STRATEJİSİ (Sept. 2016)]</ref><br/><br/>Risk: The potential risk of causing damage by using vulnerabilities in one or more information entities. <ref>[http://www.udhb.gov.tr/doc/siberg/UlusalSibereng.pdf Turkey's National Cyber Security Strategy 2016-2019 (2016)]</ref>}}<br/><br/> | {{definition|[[Threat|Tehditlerin]] bir veya birden çok bilgi varlığındaki açıklığı kullanarak zarar yaratma potansiyelini. <ref>[http://www.udhb.gov.tr/doc/siberg/2016-2019guvenlik.pdf 2016-2019 UlUSAL SİBER GÜVENLİk STRATEJİSİ (Sept. 2016)]</ref><br/><br/>Risk: The potential risk of causing damage by using vulnerabilities in one or more information entities. <ref>[http://www.udhb.gov.tr/doc/siberg/UlusalSibereng.pdf Turkey's National Cyber Security Strategy 2016-2019 (2016)]</ref>}}<br/><br/> | ||
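Review bot: The heading link now targets [[Türkiye]]; confirm that a page or redirect exists under that title, otherwise the country link becomes a red link and incoming links to the old section anchor stop resolving. The English reference title "Turkey's National Cyber Security Strategy 2016-2019" in the entry below is a document title and should stay as it is.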
Line 239: | Line 285: | ||
==== [[ISO|ISO/IEC 27000:2014]]==== | ==== [[ISO|ISO/IEC 27000:2014]]==== | ||
{{definition|Effect of uncertainty on objectives. <ref name="ISO27000-14"> [http://www.iso.org/iso/home/store/catalogue_ics/catalogue_detail_ics.htm?csnumber=63411 ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary]</ref> (based on the ISO Guide 73:2009<ref>[http://www.iso.org/iso/catalogue_detail?csnumber=44651 ISO Guide 73:2009 Risk management -- Vocabulary]</ref>)}} | {{definition|Effect of uncertainty on objectives. <ref name="ISO27000-14"> [http://www.iso.org/iso/home/store/catalogue_ics/catalogue_detail_ics.htm?csnumber=63411 ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary]</ref> (based on the ISO Guide 73:2009<ref>[http://www.iso.org/iso/catalogue_detail?csnumber=44651 ISO Guide 73:2009 Risk management -- Vocabulary]</ref>)}} | ||
− | |||
* An effect is a deviation from the expected — positive or negative. | * An effect is a deviation from the expected — positive or negative. | ||
* Uncertainty is the state, even partial, of deficiency of information related to, understanding or * knowledge of, an event (2.25), its [[consequence]], or [[likelihood]]. | * Uncertainty is the state, even partial, of deficiency of information related to, understanding or * knowledge of, an event (2.25), its [[consequence]], or [[likelihood]]. | ||
Line 245: | Line 290: | ||
* Risk is often expressed in terms of a combination of the [[consequence|consequences]] of an [[event]] (including changes in circumstances) and the associated [[likelihood]] of occurrence. | * Risk is often expressed in terms of a combination of the [[consequence|consequences]] of an [[event]] (including changes in circumstances) and the associated [[likelihood]] of occurrence. | ||
* In the context of information security management systems, information security risks can be expressed as effect of uncertainty on information security objectives. | * In the context of information security management systems, information security risks can be expressed as effect of uncertainty on information security objectives. | ||
− | * [[Information Security|Information security]] risk is associated with the potential that [[threat|threats]] will exploit [[vulnerability|vulnerabilities]] of an information [[asset]] or group of information assets and thereby cause [[harm]] to an organization. | + | * [[Information Security|Information security]] risk is associated with the potential that [[threat|threats]] will exploit [[vulnerability|vulnerabilities]] of an information [[asset]] or group of information assets and thereby cause [[harm]] to an organization. |
<br /> | <br /> | ||
+ | |||
==== [[ISO|ISO/IEC 31000:2009]] ==== | ==== [[ISO|ISO/IEC 31000:2009]] ==== | ||
{{definition|Risk: Effect of uncertainty on objectives. <ref name="ISO31000-09"> [http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=43170 ISO/IEC 31000:2009, Risk management -- Principles and guidelines]</ref> <ref>[http://www.iso.org/iso/catalogue_detail?csnumber=50038 ISO 22301:2012 Societal security -- Business continuity management systems --- Requirements]</ref>}}<br /> | {{definition|Risk: Effect of uncertainty on objectives. <ref name="ISO31000-09"> [http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=43170 ISO/IEC 31000:2009, Risk management -- Principles and guidelines]</ref> <ref>[http://www.iso.org/iso/catalogue_detail?csnumber=50038 ISO 22301:2012 Societal security -- Business continuity management systems --- Requirements]</ref>}}<br /> | ||
===Other Definitions=== | ===Other Definitions=== | ||
+ | ==== CRID ==== | ||
+ | {{definition|Riesgo: probabilidad de que un evento ocurra. <ref>[http://www.europhras.org/Site/anderedokumente/GMLGR5L_6_12_07.pdf GLOSSAIRE MULTILINGUE DE LA GESTION DU RISQUE pour usagers francophones (2007)]</ref>}}Cálculo matemático de pérdidas (de vidas, personas heridas, propiedad dañada y actividad económica detenida) durante un período de referencia en una región dada para un peligro en particular. Riesgo es el producto de la amenaza y la vulnerabilidad/ CRID Centro Regional de Información sobre Desastres, América Latina y el Caribe. Lista de términos.]<br/><br/> | ||
==== [[EM-DAT]] ==== | ==== [[EM-DAT]] ==== | ||
{{definition|Risk is the expected losses (of lives, persons injured, property damaged and economic activity disrupted) due to a particular [[hazard]] for a given area and reference period. Based on mathematical calculations, risk is the product of [[hazard]] and [[vulnerability]]. <ref name="EM_DAT">[http://www.emdat.be/glossary/9 EM-DAT disaster database glossary]</ref>}}<br /><br/> | {{definition|Risk is the expected losses (of lives, persons injured, property damaged and economic activity disrupted) due to a particular [[hazard]] for a given area and reference period. Based on mathematical calculations, risk is the product of [[hazard]] and [[vulnerability]]. <ref name="EM_DAT">[http://www.emdat.be/glossary/9 EM-DAT disaster database glossary]</ref>}}<br /><br/> | ||
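Review bot: in the added CRID entry the `{{definition|…}}` template is closed right after the first `</ref>`, so the second sentence ("Cálculo matemático de pérdidas …") renders outside the definition box, and its trailing source attribution ends in a `]` with no opening bracket or `<ref>` tag. Move that sentence inside the template and wrap the CRID source in `<ref>…</ref>`. The only `<ref>` in the entry points to the French GLOSSAIRE MULTILINGUE, so confirm that it is the intended source for the Spanish text.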
Line 257: | Line 305: | ||
{{definition|Risk is the product of the probability of the occurrence of a hazard and its consequences. <ref name="Ontario">[https://www.emergencymanagementontario.ca/english/emcommunity/response_resources/GlossaryOfTerms/glossary_of_terms.html Province of Ontario’s Emergency Management Glossary of Terms ]</ref>}}<br /> | {{definition|Risk is the product of the probability of the occurrence of a hazard and its consequences. <ref name="Ontario">[https://www.emergencymanagementontario.ca/english/emcommunity/response_resources/GlossaryOfTerms/glossary_of_terms.html Province of Ontario’s Emergency Management Glossary of Terms ]</ref>}}<br /> | ||
{{definition|Risque: produit de la probabilité qu’un danger se produise et de ses conséquences. <ref name="Ontario">[https://www.emergencymanagementontario.ca/english/emcommunity/response_resources/GlossaryOfTerms/glossary_of_terms.html Province of Ontario’s Emergency Management Glossary of Terms ]</ref>}}<br /> | {{definition|Risque: produit de la probabilité qu’un danger se produise et de ses conséquences. <ref name="Ontario">[https://www.emergencymanagementontario.ca/english/emcommunity/response_resources/GlossaryOfTerms/glossary_of_terms.html Province of Ontario’s Emergency Management Glossary of Terms ]</ref>}}<br /> | ||
+ | ==== [[OWASP]] ==== | ||
+ | {{definition|Risk is the possibility of a negative or undesirable occurance. <ref>[https://www.owasp.org/index.php/Glossary OWASP Glossary]</ref>}}There are two independent parts of risk: [[Impact]] and [[Probability|Likelihood]]. To reduce risk, one can reduce the impact, reduce the likelihood, or both. Risk can also be accepted (meaning that the full [[impact]] of the negative outcome will be borne by the entity at risk). The impact and likelihood of a risk are usually combined to create an estimate of its [[Severity]].<br/><br/> | ||
+ | === [[Dictionary]]=== | ||
+ | {{definition|Risico: Kans op schade of verlies in een computersysteem, gecombineerd met de gevolgen die deze schade heeft voor de organisatie. Een voorbeeld van schade kan bijvoorbeeld zijn dat mensen informatie zien die ze niet hadden mogen zien. Of dat men niet meer zeker weet of gegevens nog kloppen. Bij gevolgen voor de organisatie kan men denken aan financiële schade of het verlies van de goede naam van de organisatie. <ref>[https://www.cybersecurityalliantie.nl/ecp_images/2021/12/Cybersecurity-Woordenboek-2021_ZonderSpreads.pdf Cybersecurity Woordenboek 2021]</ref>}}<br/><br/> | ||
+ | {{#set:defined by=Dictionary}} | ||
==See also== | ==See also== | ||
* [[Residual Risk]] | * [[Residual Risk]] | ||
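Review bot: the added OWASP definition spells "occurance"; it should read "occurrence". In the same hunk the new `=== [[Dictionary]]===` section is a level-3 heading while the CRID and OWASP entries next to it are level 4 under "Other Definitions", and its `{{#set:defined by=Dictionary}}` sits on its own line rather than in the combined `{{#set:…}}` list at the end of the page; pick one convention for both. The Dutch definition is also added without an English rendering, unlike the Türkiye entry earlier in the diff.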
Line 263: | Line 316: | ||
* [[Risk Analysis]] | * [[Risk Analysis]] | ||
* [[Risk Assessment]] | * [[Risk Assessment]] | ||
+ | * [[Risk Matrix]] | ||
==Notes== | ==Notes== | ||
− | |||
− | |||
==References== | ==References== | ||
− | + | <references /> | |
− | |||
− | |||
[[Category:Risk]] | [[Category:Risk]] | ||
− | {{#set:defined by=EU|defined by=ENISA|defined by=IAEA|defined by=NATO|defined by=UNISDR|defined by=UNDHA|defined by=EM-DAT|defined by=Intergovernmental Panel on Climate Change (IPCC)|defined by=IPCC|defined by=Argentina|defined by=Australia|defined by=Brazil|defined by=Burkina-Faso|defined by=Canada|defined by=Cape Verde|defined by=Colombia|defined by=Cuba|defined by=El Salvador|defined by=India|defined by=Ireland|defined by=Japan|defined by=Republic of Trinidad & Tobago|defined by=Switzerland|defined by=Turkey|defined by=Austria|defined by=Belgium|defined by=Bosnia and Herzegovina|defined by=Bulgaria|defined by=Chile|defined by=Croatia|defined by=Cyprus|defined by=Czech Republic|defined by=Denmark|defined by=Estonia|defined by=Finland|defined by=France|defined by=Germany|defined by=Greece|defined by=Guatemala|defined by=Hungary|defined by=Ireland|defined by=Italy|defined by=Jersey|defined by=Kiribati|defined by=Latvia|defined by=Lithuania|defined by=Luxembourg|defined by=Malta|defined by=Nepal|defined by=Mexico|defined by=Netherlands|defined by=Norway|defined by=Oman|defined by=Poland|defined by=Portugal|defined by=Romania|defined by=Saint Lucia|defined by=Singapore|defined by=Slovakia|defined by=Slovenia|defined by=Spain|defined by=Sweden|defined by=Tanzania|defined by=United Arab Emirates|defined by=United Kingdom|defined by=United States|defined by=ISO|defined by=Ontario|defined by=IETF|defined by=Caricom|defined by=NIST|defined by=EU-project}} | + | {{#set:defined by=Council of Europe|defined by=EU|defined by=European Commission|defined by=ENISA|defined by=IAEA|defined by=NATO|defined by=UNISDR|defined by=UNDHA|defined by=EM-DAT|defined by=Intergovernmental Panel on Climate Change (IPCC)|defined by=IPCC|defined by=Argentina|defined by=Australia|defined by=Brazil|defined by=Bermuda|defined by=Burkina-Faso|defined by=Canada|defined by=Cape Verde|defined by=Colombia|defined by=Costa Rica|defined by=Cuba|defined by=El Salvador|defined by=Eswatini|defined 
by=Gambia|defined by=Haiti|defined by=India|defined by=Ireland|defined by=Japan|defined by=Republic of Trinidad & Tobago|defined by=Switzerland|defined by=Turkey|defined by=Austria|defined by=Belgium|defined by=Bosnia and Herzegovina|defined by=Bulgaria|defined by=Chile|defined by=Croatia|defined by=Cyprus|defined by=Czech Republic|defined by=Denmark|defined by=Estonia|defined by=Finland|defined by=France|defined by=Germany|defined by=Greece|defined by=Guatemala|defined by=Hungary|defined by=Ireland|defined by=Italy|defined by=Jersey|defined by= Kingdom of Saudi Arabia|defined by=Kiribati|defined by=Latvia|defined by=Lithuania|defined by=Luxembourg|defined by=Malta|defined by=Nepal|defined by=Mexico|defined by=Netherlands|defined by=Norway|defined by=Oman|defined by=Poland|defined by=Portugal|defined by=Romania|defined by=Saint Lucia|defined by=Senegal|defined by=Serbia|defined by=Singapore|defined by=Slovakia|defined by=Slovenia|defined by=South Africa|defined by=Spain|defined by=Sweden|defined by=Tanzania|defined by=United Arab Emirates|defined by=United Kingdom|defined by=United States|defined by=ISO|defined by=Ontario|defined by=IETF|defined by=Caricom|defined by=NIST|defined by=EU-project|defined by=OWASP|defined by=OECD}} |
[[Category:RESIN-Glossary]][[Category:CIPRNet-Glossary]] | [[Category:RESIN-Glossary]][[Category:CIPRNet-Glossary]] | ||
+ | {{#set: Showmainpage=Yes}} |
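Review bot: the updated `{{#set:…}}` list still carries `defined by=Turkey` although the section heading now reads `[[Türkiye]]`, so the semantic property and the heading no longer match. In the same line, `defined by= Kingdom of Saudi Arabia` has a space before the value, `defined by=Ireland` appears twice, and the newly added CRID section has no `defined by` entry; these are worth tidying in the same edit.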
Latest revision as of 01:02, 15 November 2023
Definitions
European Definitions
Council of Europe
European Commission
ENISA
CLIMATE-ADAPT
Comment: This definition closely follows the definition of the ISO/IEC Guide 73. The word "risk" has two distinctive connotations: in popular usage the emphasis is usually placed on the concept of chance or possibility, such as in "the risk of an accident"; whereas in technical settings the emphasis is usually placed on the consequences, in terms of "potential losses" for some particular cause, place and period. It can be noted that people do not necessarily share the same perceptions of the significance and underlying causes of different risks.
European Project Definitions
CIPRNet project
The CIPRNet project [8] uses the following definition:
International Definitions
CARICOM
IAEA
Risk is measured in terms of a combination of the likelihood of an event and the severity of its consequences.
NATO CEP / EAPC
The level of risk is a condition of two factors: (1) the value placed on the asset by its owner/operator and the impact of loss or change to the asset, and (2) the likelihood that a specific vulnerability will be exploited by a particular threat.
OECD
This risk can result from the combination of threats and vulnerabilities in the digital environment. It can undermine the achievement of economic and social objectives by disrupting the confidentiality, integrity and availability of the activities and/or the environment. Digital security risk is dynamic in nature. It includes aspects related to the digital and physical environments, the people involved in the activity and the organisational processes supporting it.
UNDRR
The combination of the probability of an event and its negative consequences.
UNDHA
Based on mathematical calculations, risk is the product of hazard and vulnerability.
Intergovernmental Panel on Climate Change (IPCC)
National Definitions
Argentina
Australia
[26] provides three other Australian definitions of risk.
Austria
Belgium
Risk: any reasonably identifiable circumstance or event having a potential adverse effect on the security of network and information systems. [29] [30]
Bermuda
Bosnia and Herzegovina
Brazil
Risk is the effect of uncertainty on goals.
Risk:
1. Measure of potential damage or economic loss expressed in terms of the statistical probability of occurrence and the intensity or magnitude of the foreseeable consequences.
2. Likelihood of an accident or adverse event, related to the intensity of the damage or losses resulting from it.
3. Probability of potential damage within a specified period of time and/or operating cycles.
4. Factors established through systematic studies that involve a significant probability of an accident or disaster occurring.
5. The relationship between the likelihood that a threat of an adverse event or a particular accident will materialize and the degree of vulnerability of the receiving system to its effects. [35]
Bulgaria
Burkina-Faso
Canada
Risk: the combination of the likelihood that a given hazard will occur and the potential consequences that may be associated with it. [38] [39]
Risk refers to the vulnerability, proximity or exposure to hazards, which affects the likelihood of adverse impact.
Cape Verde
Risk is the result of the specific impact of a hazard on pre-existing conditions of vulnerability. The word risk has two distinct connotations: in popular usage the emphasis is usually placed on the concept of chance or possibility, as in "the risk of an accident"; whereas in technical settings the emphasis is usually placed on the consequences, in terms of "potential losses" for some particular cause, place and period. It can be noted that people do not necessarily share the same perceptions of the significance and underlying causes of different risks.
Chile
Colombia
(1) Something that could happen and affect the achievement of organizational objectives (GTC 176).
(2) Effect of uncertainty on objectives (GTC137 2011).
(3) Possibility that some event will occur that will have an impact on institutional or process objectives. (Guía de Admón. de Riesgos DAFP Septiembre 2011). [43]
Costa Rica
Croatia
Cuba
Cyprus
Czech Republic
Risk is either defined as: (1) Danger, possibility of damage, loss, failure. (2) Effect of uncertainty to achieve objectives. (3) Possibility that a certain threat would utilize vulnerability of an asset or group of assets and cause damage to an organization. [49]
Denmark
El Salvador
Estonia
Eswatini
Finland
Risk is the combination of probability and consequences of a negative circumstance or event. -unofficial translation- [56]
France
Gambia
These objectives can have different aspects (such as financial, health and safety, information security, and environmental goals) and can apply at different levels (such as strategic, organization-wide, project, product and process). Risk should be characterized by reference to potential events and consequences, or a combination of these, and expressed in terms of a combination of the consequences of an information security event and the associated likelihood.
Germany
Greece
(Risk is the combination of the occurrence likelihood of a natural hazard or a technological event or other disasters and the severity of the damages that can be caused to citizens, to assets, to productive sources and to infrastructures of a region) [65]
Guatemala
Haiti
Generally, it is uncertain, difficult to resolve and complex in nature, and in some cases has multiple causes that may endanger the integrity of a country in one or more aspects of national life.
Hungary
India
Ireland
Italy
Threats, vulnerability and impact are therefore the main variables on the basis of which the existence of a risk and its level are assessed for the purpose of managing it, that is, of adopting the necessary countermeasures (both preventive and reactive).
In actuarial mathematics, the gap between the possibility that a certain event will occur and the frequency with which the event occurs. Risk (R): the expected value of loss of life, injuries, damage to property and disruption to economic activities due to the occurrence of a particular phenomenon of a given intensity. The total risk associated with a particular element at risk E and a given intensity I is the product: R(E;I) = H(I) V(I;E) W(E). The events that give rise to risks are divided into predictable (hydrogeological, volcanic) and unpredictable (seismic, industrial chemical, forest fires).
Japan
(Cyber) Risk is an expectation of loss expressed as the probability that a particular threat will exploit a particular vulnerability with a particular harmful result. [80]
Risk: A measure of the extent to which things are threatened, depending on the circumstances or events that can occur, and usually a function of:
(i) the adverse effects that are likely to result if the situation or event occurred, and
(ii) the probability of occurrence. [81]
(States of) Jersey
Kingdom of Saudi Arabia
(NISTIR 7298r2 Glossary of Key Information Security Terms)
Kiribati
Risk: The chance of something happening that will have a negative or positive impact on goals.
Latvia
Lithuania
Luxembourg
Malta
Mexico
Nepal
Netherlands
Risk is the annually expected damage resulting from threats materialising. [93]
Risk: a function of the probability of an adverse effect and the magnitude of that effect, consequential to hazard(s). [96]
Norway
Risk is always about what might happen in the future, and therefore there is always a degree of uncertainty associated with it. The uncertainty is related to whether a specific adverse event will occur and to the consequences the event will have. [98]
Oman
Risk establishes the likelihood of a successful attack.
Poland
Portugal
Republic of Trinidad & Tobago
Romania
Risk (in the narrow sense): the probability and extent of potential damage [108]
Saint Lucia
Senegal
Serbia
Singapore
Slovakia
Slovenia
South Africa
Hazards will affect communities differently in terms of ability and resources with which to cope. Poorer communities will be more at risk than others.
Spain
Sweden
Switzerland
"Risk" makes it possible to determine the extent of an endangerment and encompasses the frequency or probability and the extent of damage of an undesirable event. [124]
Risk is a measure of the magnitude of a threat and comprises the frequency or probability of occurrence and the extent of damage of an undesired event. [125]
In the protection of critical infrastructures, the term risk serves as a model both for assessing security issues and for comparing different hazards using the same criteria. The risk model is fundamentally based on two factors:
- the probability of occurrence of an event;
- the extent of damage to the population and its livelihoods.
Risks can therefore be represented as a product determined by the probability of occurrence of an event and the extent of its damage.
Tanzania
Türkiye
Risk: The potential risk of causing damage by using vulnerabilities in one or more information entities. [128]
United Arab Emirates
United Kingdom (UK)
For example: the costs of damage, number of people affected or areas of land affected by a specific climate effect.
United States
DHS
NIST
Standard Definitions
IETF
ISO/IEC 27000:2014
- An effect is a deviation from the expected — positive or negative.
- Uncertainty is the state, even partial, of deficiency of information related to, understanding or knowledge of, an event (2.25), its consequence, or likelihood.
- Risk is often characterized by reference to potential events and consequences, or a combination of these.
- Risk is often expressed in terms of a combination of the consequences of an event (including changes in circumstances) and the associated likelihood of occurrence.
- In the context of information security management systems, information security risks can be expressed as effect of uncertainty on information security objectives.
- Information security risk is associated with the potential that threats will exploit vulnerabilities of an information asset or group of information assets and thereby cause harm to an organization.
ISO/IEC 31000:2009
Other Definitions
CRID
Mathematical calculation of losses (of lives, persons injured, property damaged and economic activity halted) during a reference period in a given region for a particular hazard. Risk is the product of hazard and vulnerability. (CRID, Centro Regional de Información sobre Desastres, América Latina y el Caribe. Lista de términos.)
EM-DAT
Ontario (Canada)
OWASP
There are two independent parts of risk: Impact and Likelihood. To reduce risk, one can reduce the impact, reduce the likelihood, or both. Risk can also be accepted (meaning that the full impact of the negative outcome will be borne by the entity at risk). The impact and likelihood of a risk are usually combined to create an estimate of its Severity.
Dictionary
See also
Notes
References
- GLOSSAIRE MULTILINGUE DE LA GESTION DU RISQUE pour usagers francophones (2007)/European Centre of Technological Safety (TESEC) - TESEC-EUR-OPA 2001)
- Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on the resilience of critical entities COM/2020/829 final
- EC COM(2006) 787 final, Directive of the Council on the identification and designation of European Critical Infrastructure and the assessment of the need to improve their protection, EC, Brussels 12.12.2006.
- European Commission's CBRN Glossary, 2012
- DIRECTIVE (EU) 2016/1148 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union
- ENISA Risk Glossary
- European Climate Adaptation Platform (CLIMATE-ADAPT) Glossary
- http://www.ciprnet.eu/
- Caribbean Disaster Emergency Management Agency (CDEMA) Regional Comprehensive Disaster Management Strategy and Results Framework 2014-2024
- IAEA - Nuclear Security Series Glossary Version 1.3 (November 2015)
- NATO EAPC(SCEPC) lexicon 2003.
- Digital Security Risk Management for Economic and Social Prosperity
- 2009 UNISDR Terminology on Disaster Risk Reduction, United Nations International Strategy for Disaster Reduction (UNISDR), Geneva, Switzerland, May 2009.
- UNISDR glossary
- UNISDR glossary
- UNISDR glossary
- UNISDR glossary
- UNISDR glossary in Bahasa
- UNISDR glossary in Tagalog
- UNISDR glossary in Tagalog
- Internationally agreed glossary of basic terms related to Disaster Management in Farsi
- Internationally agreed glossary of basic terms related to Disaster Management
- Mach, K.J., S. Planton and C. von Stechow (eds.). Climate Change 2014: Synthesis Report. Contribution of Working Groups I, II and III to the Fifth Assessment Report of the Intergovernmental Panel on Climate Change. Annex II: Glossary. [Core Writing Team, R.K. Pachauri and L.A. Meyer (eds.)]. IPCC, Geneva, Switzerland, pp. 117-130.
- Oficina Nacional de Tecnologías de Información ADMINISTRACION PUBLICA NACIONAL Disposición 3/2013 - Apruébase la “Política de Seguridad de la Información Modelo” (2013)
- Glossary of the Government of Queensland
- Australian Emergency Management Glossary, Emergency Management Australia (1998)
- Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - DE
- Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - NL
- Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - FR
- Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - DE
- Actualisatie en verfijning klimaatscenario’s tot 2100 voor Vlaanderen, MIRA/2015/01, januari 2015
- Bermuda Cybersecurity Strategy 2018-2022
- RADNA VERZIJA OSOBLJA KOMISIJE: Procjena rizika i mapiranje smernice za upravljanje katastrofama
- GUIA DE REFERÊNCIA PARA A SEGURANÇA DAS INFRAESTRUTURAS CRÍTICAS DA INFORMAÇÃO Versão 01 (Nov. 2010)
- GLOSSÁRIO DE DEFESA CIVIL ESTUDOS DE RISCOS E MEDICINA DE DESASTRES, Ministério da Integração Nacional, Brazil
- Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - BG
- CIRT-BF Glossary
- An Emergency Management Framework for Canada (Second Edition)
- Vocabulaire de la gestion des urgencies/Emergency Management Emergency Management Vocabulary 281 (2012)
- Guide Analyse de risques d'accidents technologiques majeurs (2002)
- Avaliação das Necessidades Pós- Desastre (PDNA) ERUPÇÃO VULCÂNICA NO FOGO 2014-2015, Cape Verde
- GUÍA ANÁLISIS DE RIESGOS NATURALES PARA EL ORDENAMIENTO TERRITORIAL Subsecretaría de Desarrollo Regional y Administrativo (SUBDERE) Primera Edición, Junio 2011
- Glosario Policia Colombia
- Estrategia Nacional de Ciberseguridad de Costa Rica (2023-2027)
- Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - HR
- Glossary of Cyber terms/Glosario de términos, Centro de Seguridad del Ciberespacio
- Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union – EL
- Výkladový slovník kybernetické bezpečnosti (2013)
- Act No. 181 of 23 July 2014 On Cyber Security and Change of Related Acts (Act on Cyber Security)
- Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - CS
- Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - DA
- HÅNDBOG I RISIKOBASERET DIMENSIONERING, Beredskabsstyrelsen, Denmark (2004)
- Glosario de Riesgo, Ministerio de Medio Ambiente y Recursos Naturales, El Salvador
- Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - ET
- ESWATINI NATIONAL CYBERSECURITY STRATEGY 2020 - 2025 (2020)
- Vocabulary of Comprehensive Security. Helsinki (TSK 47) (2014)
- Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - FI
- Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - FR
- THE GAMBIA NATIONAL CYBERSECURITY STRATEGY (2019)
- Protection of Critical Infrastructures – Baseline Protection Concept: Recommendation for Companies, BMI.
- Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - DE
- Glossar BBK
- BSI Glossary
- BSI Glossary
- General Civil Protection Plan "Xenocrates"(Γενικό σχέδιο Πολιτικής Προστασίας "Ξενοκράτης")
- Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union – EL
- La Estrategia Nacional de Seguridad Cibernética (June 2018)
- Plan Estratégico de Seguridad de la Nación 2016-2020, Guatemala
- LIVRE BLANC SUR LA SÉCURITÉ ET LA DÉFENSE NATIONALE POUR LE DÉVELOPPEMENT ÉCONOMIQUE ET SOCIAL DURABLE D’HAÏTI, Juin 2015
- Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - HU
- India's DGQA Cyber Security Policy (2015)
- National Disaster Management Plan (NDMP)- (2016)
- A FRAMEWORK FOR MAJOR EMERGENCY MANAGEMENT (APPENDICES)
- Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union
- Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - IT
- IL LINGUAGGIO DEGLI ORGANISMI INFORMATIVI Glossario (2013)
- Dipartimento della Protezione Civile Glossario
- PROTEZIONE DELLE INFRASTRUTTURE CRITICHE INFORMATIZZATE La realtà Italiana (2004)
- GLOSSARIO DI PROTEZIONE CIVILE Regione Sicilia
- RFC2828 (Japanese translation)
- 重要インフラのサイバーセキュリティを 向上させるためのフレームワーク (2014)
- States of Jersey Future-proofing Jersey: Building Resilience for the 21st Century (2015)
- Saudi Arabian Monetary Authority (2017)
- Kiribati BI-LINGUAL GLOSSARY OF CLIMATE CHANGE TERMS, Original translations by Dr Temakei Tebano & Etita Teiabauri, 2008
- Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - LV
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - LT
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - FR
- ↑ Glossaire
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - MT
- ↑ GUÍA PARA LA PRESENTACIÓN DEL ESTUDIO DE RIESGO MODALIDAD ANALISIS DE RIESGO, Mexico
- ↑ Estragia Nacional de Ciberseguridad (November 2017)
- ↑ Climate Change and Community Based Adaptation Planning Training Manual, Government of Nepal (2015)
- ↑ Zakboekje Preventie Cybercrime (2008)
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - NL
- ↑ Risicobeoordeling 16.0: Een kansrijk kader; Theorie achter het risicomanagementproces en leidraad voor risicobeoordeling, June 2015
- ↑ Patiëntveiligheid Definitielijst (2005)
- ↑ DSB, National Risikobild 2014
- ↑ DSB, National Risk Analysis 2014
- ↑ Oman CERT Glossary
- ↑ U S TAWA z dnia o krajowym systemie cyberbezpieczeństwa / Polish (draft) law on the national cybersecurity system (2018)
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - PL
- ↑ Strategia Cyberbezpieczeństwa Rzeczypospolitej Polskiej na lata 2017-2022
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - PT
- ↑ Decisão do Conselho n.º 2013/488/EU, de 23 de setembro de 2013, relativa às regras de segurança aplicáveis à proteção das informações classificadas da UE
- ↑ Comprehensive Disaster Management Policy Framework for Trinidad and Tobago
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - RO
- ↑ GLOSAR de termeni din domeniul ordinii şi siguranţei publice, MINISTERUL ADMINISTRAŢIEI ŞI INTERNELOR DIRECŢIA GENERALĂ ORGANIZARE, PLANIFICARE MISIUNI ŞI RESURSE
- ↑ GLOSSAIRE MULTILINGUE DE LA GESTION DU RISQUE pour usagers francophones (2007)
- ↑ Disaster Risk Reduction Country Profile for Saint Lucia: August 2012
- ↑ Government of Saint Lucia Disaster Management Policy Framework for Saint Lucia, 2004
- ↑ STRATÉGIE NATIONALE DE CYBERSÉCURITÉ DU SÉNÉGAL (SNC2022)
- ↑ ЗАКОН О ИНФОРМАЦИОНОЈ БЕЗБЕДНОСТИ (Law on Information Security), Serbia
- ↑ Foresight: A Glossary, Civil Service College, Singapore
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - SK
- ↑ BEZPEČNOSTNÁ RADA SLOVENSKEJ REPUBLIKY
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - SL
- ↑ Disaster Management Definitions Western Cape Government
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - ES
- ↑ Glosario Mapama, government Spain
- ↑ Glosario Mapama, government Spain
- ↑ GLOSSAIRE MULTILINGUE DE LA GESTION DU RISQUE pour usagers francophones (2007)/Real Academia Española
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - SV
- ↑ Glossar der Risikobegriffe, Bundesamt für Bevölkerungsschutz BABS, 29.4.2013
- ↑ Glossaire des risques, Office fédéral de la protection de la population, 29.4.2013
- ↑ Glossario sui rischi, Ufficio federale della protezione della popolazione UFPP, 29.4.2013
- ↑ United Republic of Tanzania Guidelines for Management of Environmental Emergencies 2014
- ↑ 2016-2019 UlUSAL SİBER GÜVENLİk STRATEJİSİ (Sept. 2016)
- ↑ Turkey's National Cyber Security Strategy 2016-2019 (2016)
- ↑ Abu Dhabi Safety and Security Planning Manual
- ↑ National Cyber Security Strategy 2016, HM Government
- ↑ Glossary - Revision to Emergency Preparedness, Cabinet Office (2012)
- ↑ The National Adaptation Programme: Making the country resilient to a changing climate, UK Government (2013)
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union
- ↑ DHS Risk Lexicon 2010 Edition, September 2010
- ↑ NISTIR 7298 rev 2: Glossary of Key Information Security Terms, May 2013/FIPS 200
- ↑ NIST Special Publication 800-53 Rev 4: Security and Privacy Controls for Federal Information Systems and Organizations (April 2013) / FIPS 200
- ↑ IETF RFC449 Internet Security Glossary 2
- ↑ ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary
- ↑ ISO Guide 73:2009 Risk management -- Vocabulary
- ↑ ISO/IEC 31000:2009, Risk management -- Principles and guidelines
- ↑ ISO 22301:2012 Societal security -- Business continuity management systems --- Requirements
- ↑ GLOSSAIRE MULTILINGUE DE LA GESTION DU RISQUE pour usagers francophones (2007)
- ↑ EM-DAT disaster database glossary
- ↑ 144.0 144.1 Province of Ontario’s Emergency Management Glossary of Terms
- ↑ OWASP Glossary
- ↑ Cybersecurity Woordenboek 2021