Difference between revisions of "Risk"

From CIPedia
Jump to navigation Jump to search
Line 181: Line 181:
 
{{definition|Risc: înseamnă orice circumstanță sau eveniment ce poate fi identificat în mod rezonabil care are un efect potențial negativ asupra securității rețelelor și a sistemelor informatice. <ref>[http://eur-lex.europa.eu/legal-content/RO/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - RO]</ref>}}<br/>
 
{{definition|Risc: înseamnă orice circumstanță sau eveniment ce poate fi identificat în mod rezonabil care are un efect potențial negativ asupra securității rețelelor și a sistemelor informatice. <ref>[http://eur-lex.europa.eu/legal-content/RO/TXT/HTML/?uri=CELEX:32016L1148&from=EN Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - RO]</ref>}}<br/>
 
{{definition|Risc: Estimarea matematică a pierderilor umane şi materiale, pe o perioadă de referinţă şi într-o zonă dată, cauzate de un dezastru; probabilitatea de a avea de înfruntat un pericol, un necaz, de a ajunge într-o primejdie sau de a avea de înfruntat sau de suportat o pagubă; potenţial pericol.  <ref>[http://www.editura.mai.gov.ro/documente/biblioteca/2006/Glosar%20de%20termeni%20din%20domeniul%20ordinii%20publice/GLOSAR%20OP.pdf GLOSAR de termeni din domeniul ordinii şi siguranţei publice, MINISTERUL ADMINISTRAŢIEI ŞI INTERNELOR DIRECŢIA GENERALĂ ORGANIZARE, PLANIFICARE MISIUNI ŞI RESURSE]</ref>}}<br/><br/>
 
{{definition|Risc: Estimarea matematică a pierderilor umane şi materiale, pe o perioadă de referinţă şi într-o zonă dată, cauzate de un dezastru; probabilitatea de a avea de înfruntat un pericol, un necaz, de a ajunge într-o primejdie sau de a avea de înfruntat sau de suportat o pagubă; potenţial pericol.  <ref>[http://www.editura.mai.gov.ro/documente/biblioteca/2006/Glosar%20de%20termeni%20din%20domeniul%20ordinii%20publice/GLOSAR%20OP.pdf GLOSAR de termeni din domeniul ordinii şi siguranţei publice, MINISTERUL ADMINISTRAŢIEI ŞI INTERNELOR DIRECŢIA GENERALĂ ORGANIZARE, PLANIFICARE MISIUNI ŞI RESURSE]</ref>}}<br/><br/>
 +
==== [[Saint Lucia]] ====
 +
{{definition|Risk: The probability of harmful consequences, or expected losses (deaths, injuries, property, livelihoods, economic activity disrupted or environment damaged) resulting from interactions between natural or human-induced hazards and vulnerable conditions. <ref>[http://www.nemo.gov.lc/DRRProfile.pdf Disaster Risk Reduction Country Profile for Saint Lucia: August 2012]</ref>}}<br/><br />
 +
 
====[[Singapore]] ====
 
====[[Singapore]] ====
 
{{definition|Risk: ''In the Singapore Government context,'' risk is defined as the effect of [[uncertainty]] on objectives. <ref>[https://www.cscollege.gov.sg/Knowledge/Documents/eBooks/Foresight--A%20Glossary.pdf Foresight: A Glossary, Civil Service College, Singapore]</ref>}}<br /><br/>
 
{{definition|Risk: ''In the Singapore Government context,'' risk is defined as the effect of [[uncertainty]] on objectives. <ref>[https://www.cscollege.gov.sg/Knowledge/Documents/eBooks/Foresight--A%20Glossary.pdf Foresight: A Glossary, Civil Service College, Singapore]</ref>}}<br /><br/>
Line 259: Line 262:
  
 
[[Category:Risk]]
 
[[Category:Risk]]
{{#set:defined by=EU|defined by=ENISA|defined by=IAEA|defined by=NATO|defined by=UNISDR|defined by=UNDHA|defined by=EM-DAT|defined by=Intergovernmental Panel on Climate Change (IPCC)|defined by=IPCC|defined by=Argentina|defined by=Australia|defined by=Brazil|defined by=Burkina-Faso|defined by=Canada|defined by=Cape Verde|defined by=Colombia|defined by=Cuba|defined by=El Salvador|defined by=India|defined by=Ireland|defined by=Japan|defined by=Republic of Trinidad & Tobago|defined by=Switzerland|defined by=Turkey|defined by=Austria|defined by=Belgium|defined by=Bosnia and Herzegovina|defined by=Bulgaria|defined by=Chile|defined by=Croatia|defined by=Cyprus|defined by=Czech Republic|defined by=Denmark|defined by=Estonia|defined by=Finland|defined by=France|defined by=Germany|defined by=Greece|defined by=Guatemala|defined by=Hungary|defined by=Ireland|defined by=Italy|defined by=Jersey|defined by=Kiribati|defined by=Latvia|defined by=Lithuania|defined by=Luxembourg|defined by=Malta|defined by=Nepal|defined by=Mexico|defined by=Netherlands|defined by=Norway|defined by=Oman|defined by=Poland|defined by=Portugal|defined by=Romania|defined by=Singapore|defined by=Slovakia|defined by=Slovenia|defined by=Spain|defined by=Sweden|defined by=United Kingdom|defined by=United States|defined by=ISO|defined by=Ontario|defined by=IETF|defined by=Caricom|defined by=NIST|defined by=EU-project}}
+
{{#set:defined by=EU|defined by=ENISA|defined by=IAEA|defined by=NATO|defined by=UNISDR|defined by=UNDHA|defined by=EM-DAT|defined by=Intergovernmental Panel on Climate Change (IPCC)|defined by=IPCC|defined by=Argentina|defined by=Australia|defined by=Brazil|defined by=Burkina-Faso|defined by=Canada|defined by=Cape Verde|defined by=Colombia|defined by=Cuba|defined by=El Salvador|defined by=India|defined by=Ireland|defined by=Japan|defined by=Republic of Trinidad & Tobago|defined by=Switzerland|defined by=Turkey|defined by=Austria|defined by=Belgium|defined by=Bosnia and Herzegovina|defined by=Bulgaria|defined by=Chile|defined by=Croatia|defined by=Cyprus|defined by=Czech Republic|defined by=Denmark|defined by=Estonia|defined by=Finland|defined by=France|defined by=Germany|defined by=Greece|defined by=Guatemala|defined by=Hungary|defined by=Ireland|defined by=Italy|defined by=Jersey|defined by=Kiribati|defined by=Latvia|defined by=Lithuania|defined by=Luxembourg|defined by=Malta|defined by=Nepal|defined by=Mexico|defined by=Netherlands|defined by=Norway|defined by=Oman|defined by=Poland|defined by=Portugal|defined by=Romania|defined by=Saint Lucia|defined by=Singapore|defined by=Slovakia|defined by=Slovenia|defined by=Spain|defined by=Sweden|defined by=United Kingdom|defined by=United States|defined by=ISO|defined by=Ontario|defined by=IETF|defined by=Caricom|defined by=NIST|defined by=EU-project}}
 
[[Category:RESIN-Glossary]][[Category:CIPRNet-Glossary]]
 
[[Category:RESIN-Glossary]][[Category:CIPRNet-Glossary]]

Revision as of 01:38, 3 March 2017

Definitions

European Definitions

EU

The possibility of loss, damage or injury having regard to the value placed on the asset by its owner/operator and the impact of loss or change to the asset, and the likelihood that a specific vulnerability will be exploited by a particular threat. [1]


The probability of adverse effects caused by a hazardous phenomenon or substance in an organism, a population, or an ecological system. [2]


European Commission

Risk means any reasonably identifiable circumstance or event having a potential adverse effect on the security of network and information systems. [3]


Risk means any reasonably identifiable circumstance or event having a potential adverse effect on the security of network and information systems. [4]


ENISA

Risk is the potential that a given threat will exploit vulnerabilities of an asset or group of assets and thereby cause harm to the organization (derived from ISO/IEC PDTR 13335-1). [5]



CLIMATE-ADAPT

Risk is the combination of the probability of an event and its negative consequences. [6]

Comment: This definition closely follows the definition of the ISO/IEC Guide 73. The word "risk" has two distinctive connotations: in popular usage the emphasis is usually placed on the concept of chance or possibility, such as in "the risk of an accident"; whereas in technical settings the emphasis is usually placed on the consequences, in terms of "potential losses" for some particular cause, place and period. It can be noted that people do not necessarily share the same perceptions of the significance and underlying causes of different risks.

defined by=EU|


European Project Definitions

CIPRNet project

The CIPRNet project [7] uses the following definition:

Risk is the effect of uncertainty on objectives.


International Definitions

CARICOM

The combination of the probability of an event and its negative consequences. [8]


IAEA

Risk is the potential that a given threat will exploit the vulnerabilities of an asset, or group of assets, and thereby cause harm to the organization. [9]

Risk is measured in terms of a combination of the [likelihood]] of an event and the severity of its consequences.

NATO CEP / EAPC

The possibility of loss, damage or injury. [10]

The level of risk is a condition of two factors: (1) the value placed on the asset by its owner/operator and the impact of loss or change to the asset, and (2) the likelihood that a specific vulnerability will be exploited by a particular threat.

UNISDR

Risk is the combination of the probability of an event and its negative consequences. [11]


Risque: La combinaison de la probabilité d’un événement et de ses conséquences negatives. [12]


Риск: Сочетание вероятности события и его негативных последствий [13]


Riesgo: La combinación de la probabilidad de que se produzca un evento y sus consecuencias negativas. [14]


مخاطرة )وجمعها مخاطر( : حصيلة احتمالية وقوع الحدث والعواقب السلبية المصاحبة له. [15]


Risiko: Gabungan antara kemungkinan terjadinya suatu peristiwa dan dampak-dampak negatif yang ditimbulkannya. [16]


Peligro: Isang mapanganib na kaganapan, substansya, aktibidad ng tao, o kondisyon na maaaring kumitil ng buhay, puminsala sa katawan at kalusugan, sumira ng ariarian, magwasak ng kabuhayan at mga serbisyo, bumulabog ng lipunan at ekonomya at magwasak ng kapaligiran. [17]


Peligro: Ang probabilidad ng isang pangyayari at ang negatibong mga epekto nito. [18]



UNDHA

Risk: Expected losses (of lives, persons injured, property damaged, and economic activity disrupted) due to a particular hazard for a given area and reference period. [19]

Based on mathematical calculations, risk is the product of hazard and vulnerability.

Riesgo: Cálculo matemático de pérdidas (de vidas, personas heridas, propiedad dañada y actividad económica detenida) durante un periodo de referencia en una región dada para un peligro en particular. [19]


Risque: Espérance mathématique de pertes en vies humaines, blessés, dommages aux biens et atteinte à l'activité économique au cours d'une période de référence et dans une région donnée, pour un aléa particulier. [19]



Intergovernmental Panel on Climate Change (IPCC)

The potential for consequences where something of value is at stake and where the outcome is uncertain, recognizing the diversity of values. Risk is often represented as probability of occurrence of hazardous events multiplied by the impacts if these events or trends occur. Risk results from the interaction of vulnerability, exposure, and hazard. [20]


National Definitions

Argentina

Riesgo: Combinación de la probabilidad de ocurrencia de un evento y sus consecuencias o impacto. [21]



Australia

The chance of something happening that will have an impact on objectives. It is measured in terms if likelihood and consequence. [22]

[23] provides three other Australian definitions of risk.

Austria

Risiko: alle mit vernünftigem Aufwand feststellbaren Umstände oder Ereignisse, die potenziell nachteilige Auswirkungen auf die Sicherheit von Netz- und Informationssystemen haben. [24]



Belgium

(cyber) Risico: elke redelijkerwijs vast te stellen omstandigheid of gebeurtenis met een mogelijk schadelijk effect op de beveiliging van netwerk- en informatiesystemen. [25]


Risque: toute circonstance ou tout événement raisonnablement identifiable ayant un impact négatif potentiel sur la sécurité des réseaux et des systèmes d'information;. [26]


Risico is de combinatie van de kans op het voorkomen van een bepaalde gebeurtenis en de bijhorende gevolgen. [27]



Bosnia and Herzegovina

Rizik je kombinacija posledica nekog događaja opasnosti) i pripadajućih faktora/ vjerovatnoće njenog nastanka. (ISO 31010) [28]



Brazil

Risco: efeito da incerteza nos objetivos. [29]
Risk is the uncertainty effect on goals.


Risco:
1. Medida de dano potencial ou prejuízo econômico expressa em termos de probabilidade estatística de ocorrência e de intensidade ou grandeza das conseqüências previsíveis.
2. Probabilidade de ocorrência de um acidente ou evento adverso, relacionado com a intensidade dos danos ou perdas, resultantes dos mesmos.
3. Probabilidade de danos potenciais dentro de um período especificado de tempo e/ou de ciclos operacionais.
4. Fatores estabelecidos, mediante estudos sistematizados, que envolvem uma probabilidade significativa de ocorrência de um acidente ou desastre.
5. Relação existente entre a probabilidade de que uma ameaça de evento adverso ou acidente determinado se concretize e o grau de vulnerabilidade do sistema receptor a seus efeitos. [30]

Risk:
1. Measure of potential damage or economic loss expressed in terms of statistical probability of occurrence and intensity or magnitude of foreseeable consequences.
2. Likelihood of an accident or adverse event, related to the intensity of the damages or losses, resulting from them.
3. Probability of potential damages within a specified period of time and / or operating cycles.
4. Factors established through systematized studies that involve a significant probability of an accident or disaster occurring.
5. Existing relationship between the likelihood that a threat of an adverse event or a particular accident will materialize and the degree of vulnerability of the system Receiver to its effects.



Bulgaria

ǸǰǹDz“ ǶǯǵǨǿǨǪǨ ǸǨǯǻǴǵǶ ǻǹǺǨǵǶǪǰǴǶ ǶǩǹǺǶȇǺǭdzǹǺǪǶ ǰdzǰ ǹȂǩǰǺǰǭ, DzǶǭǺǶ ǴǶǮǭ ǬǨ ǰǴǨ ǵǭǩdzǨǫǶǷǸǰȇǺǵǶ ǪȂǯǬǭDZǹǺǪǰǭ ǪȂǸǽǻ ǹǰǫǻǸǵǶǹǺǺǨ ǵǨ ǴǸǭǮǰǺǭ ǰ ǰǵǼǶǸǴǨǾǰǶǵǵǰǺǭ ǹǰǹǺǭǴǰ. [31]



Burkina-Faso

Risque: Combinaison de la probabilité de l’occurrence d’un événement et ses conséquences. (from: ISO/IEC 27002:2005) [32]



Canada

Risk is the combination of the likelihood and the consequence of a specified hazard being realized.

Risqué: combinaison de la possibilité qu’un aléa donné se produise et des conséquences potentielles pouvant y être associées. [33] [34]

Risk refers to the vulnerability, proximity or exposure to hazards, which affects the likelihood of adverse impact.

Risque: combinaison de la conséquence d’un accident et de sa fréquence d’occurrence. [34]



Cape Verde

Risco: Combinação da probabilidade de um evento e as suas consequências negativas. [35]

O risco é o resultado do impacto específico de um perigo nas condições pré-existentes de vulnerabilidade. A palavra risco tem duas conotações distintas: no uso popular, a ênfase é geralmente colocada sobre o conceito de oportunidade ou possibilidade, como em “o risco de um acidente”; enquanto em configurações técnicas a ênfase é geralmente colocada sobre as consequências, em termos de “perdas potenciais” para alguma causa, local e período particular. Pode-se notar que as pessoas não necessariamente compartilham as mesmas percepções sobre o significado e as causas subjacentes a diferentes riscos.

Chile

Riesgo: Se define como el número de pérdidas humanas, heridos, daños a las propiedades y efectos sobre la actividad económica debido a la ocurrencia de un desastre, es decir el producto del riesgo específico, y los elementos en riesgo. [36]



Colombia

Riesgo:
(1) Algo que podría suceder y afectar el logro de los objetivos organizacionales (GTC 176).
(2) Efecto de la incertidumbre sobre los objetivos (GTC137 2011).
(3) Posibilidad de que suceda algún evento que tendrá un impacto sobre los objetivos institucionales o del proceso. (Guía de Admón. de Riesgos DAFP Septiembre 2011). [37]



Croatia

Rizik: znaĀi bilo koja razumno prepoznatljiva okolnost ili događaj koji ima potencijalan negativni uĀinak na sigurnost mrežnih i informacijskih sustava. [38]



Cuba

Riesgo Posibilidad: de que una amenaza concreta pueda explotar una vulnerabilidad para causar una pérdida o daño en un activo de información. Suele considerarse como una combinación de la probabilidad de un evento y sus consecuencias. [39]



Cyprus

Κίνδυνος: κάθε εύλογα διαπιστώσιμη περίσταση ή γεγονός με δυνητική δυσμενή επίπτωση στην ασφάλεια συστημάτων δικτύου και πληροφοριών. [40]]



Czech Republic

Riziko: (1) Nebezpečí, možnost škody, ztráty, nezdaru. (2) Účinek nejistoty na dosažení cílů. (3) Možnost, že určitá hrozba využije zranitelnosti aktiva nebo skupiny aktiv a způsobí organizaci škodu. [41]

Risk is either defined as: (1) Danger, possibility of damage, loss, failure. (2) Effect of uncertainty to achieve objectives. (3) Possibility that a certain threat would utilize vulnerability of an asset or group of assets and cause damage to an organization. [42]


Rizikem: jakákoli v pňimĎňenĎ rozpoznatelná okolnost nebo událost, která by mohla mít negativní dopad na bezpeĀnost sítí a informaĀních systémů. [43]



Denmark

Risiko: enhver rimeligt identificerbar omstændighed eller begivenhed, der har en potentiel negativ indvirkning på sikkerheden i net- og informationssystemer. [44]



Risiko er en potentiel hændelse (såsom brand, sammenstyrtning og udslip) eller kombination af en potentiel hændelse og et objekt (såsom forsamlingslokale, beboelsesejendom, lagerhal, motorvej og festival), som kan føre til skader på personer, ejendom eller miljø. [45]



El Salvador

Riesgo: Es la probabilidad que se presente un nivel de consecuencias económicas, sociales o ambientales en un sitio particular y durante un período de tiempo definido. Se obtiene de relacionar la amenaza con la vulnerabilidad de los elementos expuestos. [46]



Estonia

Risk: mõistlikult tuvastatav asjaolu või sündmus, mis võib kahjustada võrgu- ja infosüsteemide turvalisust;. [47]<



Finland

Riski: kielteisen seikan tai tapahtuman todennäköisyyden ja vaikutusten yhdistelmä.

Risk is the combination of probability and consequences of a negative circumstance or event. -unofficial translation- [48]


Riskillä: mitä tahansa kohtuullisesti tunnistettavissa olevaa tilannetta tai tapahtumaa, joka saattaa vaikuttaa haitallisesti verkko- ja tietojärjestelmien turvallisuuteen. [49]



France

Risque: toute circonstance ou tout événement raisonnablement identifiable ayant un impact négatif potentiel sur la sécurité des réseaux et des systèmes d'information;. [50]



Germany

Likelihood of a serious danger which (a) constitutes a threat to human life, (b) will impair the health of a large number of people, or (c) affects economic activity, public services and technical infrastructures and may cause damage to the environment, in particular animals and plants, the soil, the water, the atmosphere and cultural and material assets. [51]


Risiko: alle mit vernünftigem Aufwand feststellbaren Umstände oder Ereignisse, die potenziell nachteilige Auswirkungen auf die Sicherheit von Netz- und Informationssystemen haben. [52]


Risiko: Maß für die Wahrscheinlichkeit des Eintritts eines bestimmten Schadens an einem Schutzgut unter Berücksichtigung des potenziellen Schadensausmaßes. [53]


Risiko ist ein mögliches Event, das zu einem Schaden oder Verlust führen oder das Erreichen von Zielen beeinträchtigen könnte. [54]



Greece

Κίνδυνος νοείται η πιθανότητα εκδήλωσης ενός φυσικού φαινομένου ή τεχνολογικού συμβάντος ή και λοιπών καταστροφών σε συνδυασμό με την ένταση των καταστροφών, που μπορεί να προκληθούν στους πολίτες, στα αγαθά, στις πλουτοπαραγωγικές πηγές και στις υποδομές μιας περιοχής.

(Risk is the combination of the occurrence likelihood of a natural hazard or a technological event or other disasters and the severity of the damages that can be caused to citizens, to assets, to productive sources and to infrastructures of a region) [55]


Κίνδυνος: κάθε εύλογα διαπιστώσιμη περίσταση ή γεγονός με δυνητική δυσμενή επίπτωση στην ασφάλεια συστημάτων δικτύου και πληροφοριών. [56]]



Guatemala

Riesgo: Probabilidad de la presencia o manifestación de evento natural o antropogénico, de orden político, económico, social, sanitario o ambiental que afecte negativamente la Seguridad de la Nación, provocando pérdidas físicas, socioeconómicas y ambientales como efecto de la sinergia o complementariedad de una amenaza y una vulnerabilidad. [57]




Hungary

Kockázat: minden olyan észszerűen azonosítható körülmény vagy esemény, amely kedvezőtlen hatást gyakorolhat a hálózati és információs rendszerek biztonságára. [58]



India

Risk is the potential of damage to a system or associated assets that exists as a result of the combination of security threat and vulnerability. [59]



Ireland

Risk is the combination of the likelihood of a hazardous event and its potential impact. [60]


Risk means any reasonably identifiable circumstance or event having a potential adverse effect on the security of network and information systems. [61]



Italy

Rischio: ogni circostanza o evento ragionevolmente individuabile con potenziali effetti pregiudizievoli per la sicurezza della rete e dei sistemi informativi. [62]


Rischio: Sebbene spesso impiegato come sinonimo di pericolo e minaccia, il termine indica un danno potenziale per la sicurezza nazionale che deriva da un evento (tanto intenzionale che accidentale) riconducibile ad una minaccia e dalla sua interazione con le vulnerabilità del sistema-Paese o di suoi settori ed articolazioni. [63]

Minacce, vulnerabilità ed impatto costituiscono, quindi, le variabili principali in funzione delle quali viene valutata l’esistenza di un rischio ed il relativo livello ai fini della sua gestione, ossia dell’adozione delle necessarie contromisure (tanto preventive che reattive).

Rischio: Il rischio può essere definito come il valore atteso di perdite (vite umane, feriti, danni alle proprietà e alle attività economiche) dovute al verificarsi di un evento di una data intensità, in una particolare area, in un determinato periodo di tempo. [64]


Rischio: impatto negativo complessivo di un evento, che include sia la probabilità che le conseguenze dell’evento. Nel caso di infrastrutture critiche informatizzate, il rischio sussiste sia a livello fisico che a livello informatico con influenza reciproca dei due settori. [65]


Rischio - Possibilità che si verichi un fatto negativo, un danno, che qualcosa non abbia l'esito voluto. Pericolo, repentaglio. [66]

Nella matematica attuariale, scarto tra la possibilità di verificarsi di un certo evento e la frequenza con cui l'evento si verifica. Rischio (R): è il valore atteso delle perdite umane, dei feriti, dei danni alle proprietà e delle perturbazioni alle attività economiche dovuti al verificarsi di un particolare fenomeno di una data intensità. Il rischio totale è associato ad un particolare elemento a rischio E e ad una data intensità I è il prodotto: R(E;I) = H(I) V (I;E) W (E). Gli eventi che determinano i rischi si suddividono in prevedibili (idrogeologico, vulcanico) e non prevedibili (sismico, chimico industriale, incendi boschivi).

Japan

リスク: 特定の脅威が特定の脆弱性を攻略し、特定の有害な結果をもたらす確率として表明される損失の期待値.

(Cyber) Risk is an expectation of loss expressed as the probability that a articular threat will exploit a particular vulnerability with a articular harmful result. [67]



(States of) Jersey

Risk: the combination of the probability of an event and its negative consequences. [68]



Kiribati

Kanganga: Baika a kona n riki imwiin ana mwakuri te angbuaka n te aro are e kona n iai ana urubwai ke akeaBaika aika a kona n riki ae kona n iai ana urubai nakon baai ke akea. [69]

Risk: The chance of something happening that will have a negative or positive impact on goals.




Latvia

Risks: ir jebkāds racionāli identificĆjams apstāklis vai notikums, kas var nelabvĆlĞgi ietekmĆt tĞklu un informācijas sistĆmu droŐĞbu. [70]



Lithuania

Rizika – pagrĢstai nustatoma aplinkybĊ ar Ģvykis, galintis turĊti neigiamą poveikĢ tinklų ir informacinių sistemų saugumui. [71]



Luxembourg

Risque: toute circonstance ou tout événement raisonnablement identifiable ayant un impact négatif potentiel sur la sécurité des réseaux et des systèmes d'information;. [72]



Malta

Riskju: tfisser kwalunkwe ċirkostanza jew avveniment raġonevolment identifikabbli li jista' jkollu effett negattiv fuq is-sigurtà tan-netwerks u tas-sistemi tal-informazzjoni. [73]



Mexico

Riesgo: Situación que puede conducir a una consecuencia negativa no deseada. [74]



Nepal

Risk: The combination of the probability of an event and its negative consequences. [75]



Netherlands

Risk is the annual loss expectancy (ALE) by the manifestation of threats.

Risico is de jaarlijks te verwachten schade door het manifesteren van bedreigingen. [76]


Risico: elke redelijkerwijs vast te stellen omstandigheid of gebeurtenis met een mogelijk schadelijk effect op de beveiliging van netwerk- en informatiesystemen. [77]


[Dutch] Risico: De vermenigvuldiging van de kans op het ontstaan van brand en het effect daarvan. [78]


Norway

Risiko handler alltid om hva som kan skje i framtida og er derfor forbundet med usikkerhet. Usikkerheten knitter seg til om en bestemt uønsket hendelse vil inntreffe og hva konsekvensene av denne hendelsen vil bli. [79]

Risk is always about what might happen in the future, and therefore there is always a degree of uncertainty associated with it. The uncertainty is related to whether a specific adverse event will occur and to the consequences the event will have. [80]



Oman

Risk is the product of the level of threat with the level of vulnerability. [81]

Risk establishes the likelihood of a successful attack.

Poland

Ryzyko: oznacza każdą dającą się racjonalnie określić okoliczność lub zdarzenie, które ma potencjalny niekorzystny wpływ na bezpieczeństwo sieci i systemów informatycznych. [82]



Portugal

Risco, uma circunstância ou um evento, razoavelmente identificáveis, com um efeito adverso potencial na segurança das redes e dos sistemas de informação. [83]



Risco: Possibilidade de uma ameaça específica explorar as vulnerabilidades internas e externas de uma organização ou de um dos sistemas por ela utilizados, causando assim danos à organização e respetivos ativos corpóreos ou incorpóreos. [84]



Republic of Trinidad & Tobago

The combination of the probability of an event and its negative consequences. [85]


Romania

Risc: înseamnă orice circumstanță sau eveniment ce poate fi identificat în mod rezonabil care are un efect potențial negativ asupra securității rețelelor și a sistemelor informatice. [86]


Risc: Estimarea matematică a pierderilor umane şi materiale, pe o perioadă de referinţă şi într-o zonă dată, cauzate de un dezastru; probabilitatea de a avea de înfruntat un pericol, un necaz, de a ajunge într-o primejdie sau de a avea de înfruntat sau de suportat o pagubă; potenţial pericol. [87]



Saint Lucia

Risk: The probability of harmful consequences, or expected losses (deaths, injuries, property, livelihoods, economic activity disrupted or environment damaged) resulting from interactions between natural or human-induced hazards and vulnerable conditions. [88]



Singapore

Risk: In the Singapore Government context, risk is defined as the effect of uncertainty on objectives. [89]



Slovakia

Riziko: je kaŬdá primerane rozpoznateľná okolnosť alebo udalosť, ktorá môŬe mať nepriaznivý vplyv na bezpeĀnosť sietí a informaĀných systémov. [90]


Riziko: Potenciálna možnosť narušenia bezpečnosti systému, objektu alebo procesu. Je to pravdepodobnosť vzniku krízového javu a jeho dôsledku. [91]



Slovenia

Tveganje: pomeni vsako razumno doloĀljivo okoliŐĀino ali dogodek, ki ima lahko negativen uĀinek na varnost omreŬja in informacijskih sistemov. [92]



Spain

Riesgo: toda circunstancia o hecho razonablemente identificable que tenga un posible efecto adverso en la seguridad de las redes y sistemas de información. [93]



Sweden

Risk: en rimligen identifierbar omständighet eller händelse med en potentiell negativ inverkan på säkerheten i nätverks- och informationssystem. [94]



Switzerland

Das Risiko ist ein Mass für die Grösse einer Gefährdung und beinhaltet die Eintrittswahrscheinlichkeit und das Schadensausmass eines unerwünschten Ereignisses. [95]

Le « risque » permet de déterminer l’étendue d’une mise en danger et englobe la fréquence ou probabilité et l’ampleur des dommages d’un [[Incident}événement]] indésirable. [96]

Il rischio è un metro di misura per le dimensioni di una minaccia e implica la frequenza o la probabilità d’insorgenza e l'entità dei danni di un evento indesiderato. [97]

Der Begriff Risiko dient beim Schutz kritischer Infrastrukturen als Modell sowohl zur Beurteilung von Sicherheitsfragen als auch zum Vergleich verschiedener Gefährdungen anhand gleicher Kriterien. Das Risikomodell beruht grundsätzlich auf zwei Faktoren:

  • Eintrittswahrscheinlichkeit eines Ereignisses;
  • Schadensausmass an Bevölkerung und deren Lebensgrundlagen.

Risiken lassen sich demzufolge als Produkt darstellen, das durch die Eintrittswahrscheinlichkeit eines Ereignisses und dessen Schadensausmasses bestimmt ist.

Turkey

Risk: Tehditlerin bir veya birden çok bilgi varlığındaki açıklığı kullanarak zarar yaratma potansiyelini [98]



United Kingdom (UK)

(cyber) Risk is the potential that a given cyber threat will exploit the vulnerabilities of an information system and cause harm. [99]


Risk is a measure of the significance of a potential emergency in terms of its assessed likelihood and impact. [100]


Risk combines the chance that an event will occur with how large its impact could be, in social, economic or environmental terms. [101]

For example: the costs of damage, number of people affected or areas of land affected by a specific climate effect.

Risk means any reasonably identifiable circumstance or event having a potential adverse effect on the security of network and information systems. [102]



United States

DHS
The potential for an unwanted outcome resulting from an incident, event, or occurrence, as determined by its likelihood and the associated consequences. [103]
NIST
The level of impact on organizational operations (including mission,functions, image, or reputation), organizational assets, or individuals resulting from the operation of an information system given the potential impact of a threat and the likelihood of that threat occurring. [104]


Risk is a measure of the extent to which an entity is threatened by a potential circumstance or event, and typically a function of: (i) the adverse impacts that would arise if the circumstance or event occurs; and (ii) the likelihood of occurrence. [105]



Standard Definitions

IETF

An expectation of loss expressed as the probability that a particular threat will exploit a particular vulnerability with a particular harmful result. [106]


ISO/IEC 27000:2014

Effect of uncertainty on objectives. [107] (based on the ISO Guide 73:2009[108])

  • An effect is a deviation from the expected — positive or negative.
  • Uncertainty is the state, even partial, of deficiency of information related to, understanding or * knowledge of, an event (2.25), its consequence, or likelihood.
  • Risk is often characterized by reference to potential events and consequences, or a combination of these.
  • Risk is often expressed in terms of a combination of the consequences of an event (including changes in circumstances) and the associated likelihood of occurrence.
  • In the context of information security management systems, information security risks can be expressed as effect of uncertainty on information security objectives.
  • Information security risk is associated with the potential that threats will exploit vulnerabilities of an information asset or group of information assets and thereby cause harm to an organization.


ISO/IEC 31000:2009

Risk: Effect of uncertainty on objectives. [109] [110]


Other Definitions

EM-DAT

Risk is the expected losses (of lives, persons injured, property damaged and economic activity disrupted) due to a particular hazard for a given area and reference period. Based on mathematical calculations, risk is the product of hazard and vulnerability. [111]



Ontario (Canada)

Risk is the product of the probability of the occurrence of a hazard and its consequences. [112]


Risque: produit de la probabilité qu’un danger se produise et de ses conséquences. [112]


See also

Notes

  1. EC COM(2006) 787 final, Directive of the Council on the identification and designation of European Critical Infrastructure and the assessment of the need to improve their protection, EC, Brussels 12.12.2006.
  2. European Commission's CBRN Glossary, 2012
  3. DIRECTIVE (EU) 2016/1148 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union
  4. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union
  5. ENISA Risk Glossary
  6. European Climate Adaptation Platform (CLIMATE-ADAPT) Glossary
  7. http://www.ciprnet.eu/
  8. Caribbean Disaster Emergency Management Agency (CDEMA) Regional Comprehensive Disaster Management Strategy and Results Framework 2014-2024
  9. IAEA - Nuclear Security Series Glossary Version 1.3 (November 2015)
  10. NATO EAPC(SCEPC) lexicon 2003.
  11. 2009 UNISDR Terminology on Disaster Risk Reduction, United Nations International Strategy for Disaster Reduction (UNISDR), Geneva, Switzerland, May 2009.
  12. UNISDR glossary
  13. UNISDR glossary
  14. UNISDR glossary
  15. UNISDR glossary
  16. UNISDR glossary in Bahasa
  17. UNISDR glossary in Tagalog
  18. UNISDR glossary in Tagalog
  19. 19.0 19.1 19.2 Internationally agreed glossary of basic terms related to Disaster Management
  20. Mach, K.J., S. Planton and C. von Stechow (eds.). Climate Change 2014: Synthesis Report. Contribution of Working Groups I, II and III to the Fifth Assessment Report of the Intergovernmental Panel on Climate Change. Annex II: Glossary. [Core Writing Team, R.K. Pachauri and L.A. Meyer (eds.)]. IPCC, Geneva, Switzerland, pp. 117-130.
  21. Oficina Nacional de Tecnologías de Información ADMINISTRACION PUBLICA NACIONAL Disposición 3/2013 - Apruébase la “Política de Seguridad de la Información Modelo” (2013)
  22. Glossary of the Government of Queensland
  23. Australian Emergency Management Glossary, Emergency Management Australia (1998)
  24. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - DE
  25. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - NL
  26. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - FR
  27. Actualisatie en verfijning klimaatscenario’s tot 2100 voor Vlaanderen, MIRA/2015/01, januari 2015
  28. RADNA VERZIJA OSOBLJA KOMISIJE: Procjena rizika i mapiranje smernice za upravljanje katastrofama
  29. GUIA DE REFERÊNCIA PARA A SEGURANÇA DAS INFRAESTRUTURAS CRÍTICAS DA INFORMAÇÃO Versão 01 (Nov. 2010)
  30. GLOSSÁRIO DE DEFESA CIVIL ESTUDOS DE RISCOS E MEDICINA DE DESASTRES, Ministério da Integração Nacional, Brazil
  31. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - BG
  32. CIRT-BF Glossary
  33. An Emergency Management Framework for Canada (Second Edition)
  34. 34.0 34.1 Vocabulaire de la gestion des urgencies/Emergency Management Emergency Management Vocabulary 281 (2012) Cite error: Invalid <ref> tag; name "canada" defined multiple times with different content
  35. Avaliação das Necessidades Pós- Desastre (PDNA) ERUPÇÃO VULCÂNICA NO FOGO 2014-2015, Cape Verde
  36. GUÍA ANÁLISIS DE RIESGOS NATURALES PARA EL ORDENAMIENTO TERRITORIAL Subsecretaría de Desarrollo Regional y Administrativo (SUBDERE) Primera Edición, Junio 2011
  37. Glosario Policia Colombia
  38. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - HR
  39. Glossary of Cyber terms/Glosario de términos, Centro de Seguridad del Ciberespacio
  40. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union – EL
  41. Výkladový slovník kybernetické bezpečnosti (2013)
  42. Act No. 181 of 23 July 2014 On Cyber Security and Change of Related Acts (Act on Cyber Security)
  43. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - CS
  44. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - DA
  45. [HÅNDBOG I RISIKOBASERET DIMENSIONERING, Beredskabsstyrelsen, Denmark (2004)]
  46. Glosario de Riesgo, Ministerio de Medio Ambiente y Recursos Naturales, El Salvador
  47. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - ET
  48. Vocabulary of Comprehensive Security. Helsinki (TSK 47) (2014)
  49. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - FI
  50. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - FR
  51. Protection of Critical Infrastructures – Baseline Protection Concept: Recommendation for Companies, BMI.
  52. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - DE
  53. Glossar BBK
  54. BSI Glossary
  55. General Civil Protection Plan "Xenocrates"(Γενικό σχέδιο Πολιτικής Προστασίας "Ξενοκράτης")
  56. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union – EL
  57. Plan Estratégico de Seguridad de la Nación 2016-2020, Guatemala
  58. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - HU
  59. India's DGQA Cyber Security Policy (2015)
  60. A FRAMEWORK FOR MAJOR EMERGENCY MANAGEMENT (APPENDICES)
  61. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union
  62. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - IT
  63. IL LINGUAGGIO DEGLI ORGANISMI INFORMATIVI Glossario (2013)
  64. Dipartimento della Protezione Civile Glossario
  65. PROTEZIONE DELLE INFRASTRUTTURE CRITICHE INFORMATIZZATE La realtà Italiana (2004)
  66. GLOSSARIO DI PROTEZIONE CIVILE Regione Sicilia
  67. RFC2828 (Japanese translation)
  68. States of Jersey Future-proofing Jersey: Building Resilience for the 21st Century (2015)
  69. Kiribati BI-LINGUAL GLOSSARY OF CLIMATE CHANGE TERMS, Original translations by Dr Temakei Tebano & Etita Teiabauri, 2008
  70. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - LV
  71. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - LT
  72. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - FR
  73. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - MT
  74. GUÍA PARA LA PRESENTACIÓN DEL ESTUDIO DE RIESGO MODALIDAD ANALISIS DE RIESGO, Mexico
  75. Climate Change and Community Based Adaptation Planning Training Manual, Government of Nepal (2015)
  76. Zakboekje Preventie Cybercrime (2008)
  77. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - NL
  78. Risicobeoordeling 16.0: Een kansrijk kader; Theorie achter het risicomanagementproces en leidraad voor risicobeoordeling, June 2015
  79. DSB, National Risikobild 2014
  80. DSB, National Risk Analysis 2014
  81. Oman CERT Glossary
  82. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - PL
  83. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - PT
  84. Decisão do Conselho n.º 2013/488/EU, de 23 de setembro de 2013, relativa às regras de segurança aplicáveis à proteção das informações classificadas da UE
  85. Comprehensive Disaster Management Policy Framework for Trinidad and Tobago
  86. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - RO
  87. GLOSAR de termeni din domeniul ordinii şi siguranţei publice, MINISTERUL ADMINISTRAŢIEI ŞI INTERNELOR DIRECŢIA GENERALĂ ORGANIZARE, PLANIFICARE MISIUNI ŞI RESURSE
  88. Disaster Risk Reduction Country Profile for Saint Lucia: August 2012
  89. Foresight: A Glossary, Civil Service College, Singapore
  90. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - SK
  91. BEZPEČNOSTNÁ RADA SLOVENSKEJ REPUBLIKY
  92. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - SL
  93. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - ES
  94. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - SV
  95. Glossar der Risikobegriffe, Bundesamt für Bevölkerungsschutz BABS, 29.4.2013
  96. Glossaire des risques, Office fédéral de la protection de la population, 29.4.2013
  97. Glossario sui rischi, Ufficio federale della protezione della popolazione UFPP, 29.4.2013
  98. 2016-2019 UlUSAL SİBER GÜVENLİk STRATEJİSİ (National Cyber Security Strategy 2016-2019, Sept. 2016)
  99. National Cyber Security Strategy 2016, HM Government
  100. Glossary - Revision to Emergency Preparedness, Cabinet Office (2012)
  101. The National Adaptation Programme: Making the country resilient to a changing climate, UK Government (2013)
  102. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union
  103. DHS Risk Lexicon 2010 Edition, September 2010
  104. NISTIR 7298 rev 2: Glossary of Key Information Security Terms, May 2013/FIPS 200
  105. NIST Special Publication 800-53 Rev 4: Security and Privacy Controls for Federal Information Systems and Organizations (April 2013) / FIPS 200
  106. IETF RFC449 Internet Security Glossary 2
  107. ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary
  108. ISO Guide 73:2009 Risk management -- Vocabulary
  109. ISO/IEC 31000:2009, Risk management -- Principles and guidelines
  110. ISO 22301:2012 Societal security -- Business continuity management systems --- Requirements
  111. EM-DAT disaster database glossary
  112. 112.0 112.1 Province of Ontario’s Emergency Management Glossary of Terms