Risk
Contents
- 1 Definitions
- 1.1 European Definitions
- 1.2 International Definitions
- 1.3 National Definitions
- 1.3.1 Argentina
- 1.3.2 Australia
- 1.3.3 Austria
- 1.3.4 Belgium
- 1.3.5 Brazil
- 1.3.6 Bulgaria
- 1.3.7 Canada
- 1.3.8 Croatia
- 1.3.9 Cyprus
- 1.3.10 Czech Republic
- 1.3.11 Denmark
- 1.3.12 Estonia
- 1.3.13 Finland
- 1.3.14 France
- 1.3.15 Germany
- 1.3.16 Greece
- 1.3.17 Hungary
- 1.3.18 India
- 1.3.19 Ireland
- 1.3.20 Italy
- 1.3.21 Japan
- 1.3.22 Latvia
- 1.3.23 Lithuania
- 1.3.24 Luxembourg
- 1.3.25 Malta
- 1.3.26 Netherlands
- 1.3.27 Norway
- 1.3.28 Poland
- 1.3.29 Portugal
- 1.3.30 Republic of Trinidad & Tobago
- 1.3.31 Romania
- 1.3.32 Slovakia
- 1.3.33 Slovenia
- 1.3.34 Spain
- 1.3.35 Sweden
- 1.3.36 Switzerland
- 1.3.37 Turkey
- 1.3.38 United Kingdom (UK)
- 1.3.39 United States
- 1.4 Standard Definitions
- 1.5 Other Definitions
- 2 See also
- 3 Notes
Definitions
European Definitions
EU
European Commission
ENISA
International Definitions
CARICOM
NATO CEP / EAPC
The level of risk is a condition of two factors: (1) the value placed on the asset by its owner/operator and the impact of loss or change to the asset, and (2) the likelihood that a specific vulnerability will be exploited by a particular threat.
UNISDR
Intergovernmental Panel on Climate Change (IPCC)
National Definitions
Argentina
Australia
[12] provides three other Australian definitions of risk.
Austria
Belgium
Brazil
Risk is the uncertainty effect on goals.
Bulgaria
Canada
Combinaison de la possibilité qu’un aléa donné se produise et des conséquences potentielles pouvant y être associées. [18] [19]
Risk refers to the vulnerability, proximity or exposure to hazards, which affects the likelihood of adverse impact.
Croatia
Cyprus
Czech Republic
Risk is either defined as: (1) Danger, possibility of damage, loss, failure. (2) Effect of uncertainty to achieve objectives. (3) Possibility that a certain threat would utilize vulnerability of an asset or group of assets and cause damage to an organization. [23]
Denmark
Estonia
Finland
Risk is the combination of probability and consequences of a negative circumstance or event. -unofficial translation- [27]
France
Germany
Greece
(Risk is the combination of the occurrence likelihood of a natural hazard or a technological event or other disasters and the severity of the damages that can be caused to citizens, to assets, to productive sources and to infrastructures of a region) [32]
Hungary
India
Ireland
Italy
Japan
(Cyber) Risk is an expectation of loss expressed as the probability that a articular threat will exploit a particular vulnerability with a articular harmful result. [39]
Latvia
Lithuania
Luxembourg
Malta
Netherlands
Risico is de jaarlijks te verwachten schade door het manifesteren van bedreigingen. [44]
Norway
Risk is always about what might happen in the future, and therefore there is always a degree of uncertainty associated with it. The uncertainty is related to whether a specific adverse event will occur and to the consequences the event will have. [47]
Poland
Portugal
Republic of Trinidad & Tobago
Romania
Slovakia
Slovenia
Spain
Sweden
Switzerland
Le « risque » permet de déterminer l’étendue d’une mise en danger et englobe la fréquence ou probabilité et l’ampleur des dommages d’un [[Incident}événement]] indésirable. [57]
Il rischio è un metro di misura per le dimensioni di una minaccia e implica la frequenza o la probabilità d’insorgenza e l'entità dei danni di un evento indesiderato. [58]
Der Begriff Risiko dient beim Schutz kritischer Infrastrukturen als Modell sowohl zur Beurteilung von Sicherheitsfragen als auch zum Vergleich verschiedener Gefährdungen anhand gleicher Kriterien. Das Risikomodell beruht grundsätzlich auf zwei Faktoren:
- Eintrittswahrscheinlichkeit eines Ereignisses;
- Schadensausmass an Bevölkerung und deren Lebensgrundlagen.
Risiken lassen sich demzufolge als Produkt darstellen, das durch die Eintrittswahrscheinlichkeit eines Ereignisses und dessen Schadensausmasses bestimmt ist.
Turkey
United Kingdom (UK)
For example: the costs of damage, number of people affected or areas of land affected by a specific climate effect.
United States
DHS
NIST
Standard Definitions
IETF
ISO/IEC 27000:2014
- An effect is a deviation from the expected — positive or negative.
- Uncertainty is the state, even partial, of deficiency of information related to, understanding or * knowledge of, an event (2.25), its consequence, or likelihood.
- Risk is often characterized by reference to potential events and consequences, or a combination of these.
- Risk is often expressed in terms of a combination of the consequences of an event (including changes in circumstances) and the associated likelihood of occurrence.
- In the context of information security management systems, information security risks can be expressed as effect of uncertainty on information security objectives.
- Information security risk is associated with the potential that threats will exploit vulnerabilities of an information asset or group of information assets and thereby cause harm to an organization.
ISO/IEC 31000:2009
Other Definitions
Ontario (Canada)
See also
Notes
- ↑ EC COM(2006) 787 final, Directive of the Council on the identification and designation of European Critical Infrastructure and the assessment of the need to improve their protection, EC, Brussels 12.12.2006.
- ↑ European Commission's CBRN Glossary, 2012
- ↑ DIRECTIVE (EU) 2016/1148 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union
- ↑ ENISA Risk Glossary
- ↑ Caribbean Disaster Emergency Management Agency (CDEMA) Regional Comprehensive Disaster Management Strategy and Results Framework 2014-2024
- ↑ NATO EAPC(SCEPC) lexicon 2003.
- ↑ 2009 UNISDR Terminology on Disaster Risk Reduction, United Nations International Strategy for Disaster Reduction (UNISDR), Geneva, Switzerland, May 2009.
- ↑ Mach, K.J., S. Planton and C. von Stechow (eds.). Climate Change 2014: Synthesis Report. Contribution of Working Groups I, II and III to the Fifth Assessment Report of the Intergovernmental Panel on Climate Change. Annex II: Glossary. [Core Writing Team, R.K. Pachauri and L.A. Meyer (eds.)]. IPCC, Geneva, Switzerland, pp. 117-130.
- ↑ Oficina Nacional de Tecnologías de Información ADMINISTRACION PUBLICA NACIONAL Disposición 3/2013 - Apruébase la “Política de Seguridad de la Información Modelo” (2013)
- ↑ Glossary of the Government of Queensland
- ↑ Australian Emergency Management Glossary, Emergency Management Australia (1998)
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - DE
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - NL
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - FR
- ↑ GUIA DE REFERÊNCIA PARA A SEGURANÇA DAS INFRAESTRUTURAS CRÍTICAS DA INFORMAÇÃO Versão 01 (Nov. 2010)
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - BG
- ↑ An Emergency Management Framework for Canada (Second Edition)
- ↑ Vocabulaire de la gestion des urgencies/Emergency Management Emergency Management Vocabulary 281 (2012)
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - HR
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union – EL
- ↑ Výkladový slovník kybernetické bezpečnosti (2013)
- ↑ Act No. 181 of 23 July 2014 On Cyber Security and Change of Related Acts (Act on Cyber Security)
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - CS
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - DA
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - ET
- ↑ Vocabulary of Comprehensive Security. Helsinki (TSK 47) (2014)
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - FI
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - FR
- ↑ Protection of Critical Infrastructures – Baseline Protection Concept: Recommendation for Companies, BMI.
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - DE
- ↑ General Civil Protection Plan "Xenocrates"(Γενικό σχέδιο Πολιτικής Προστασίας "Ξενοκράτης")
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union – EL
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - HU
- ↑ India's DGQA Cyber Security Policy (2015)
- ↑ A FRAMEWORK FOR MAJOR EMERGENCY MANAGEMENT (APPENDICES)
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - IT
- ↑ RFC2828 (Japanese translation)
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - LV
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - LT
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - FR
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - MT
- ↑ Zakboekje Preventie Cybercrime (2008)
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - NL
- ↑ DSB, National Risikobild 2014
- ↑ DSB, National Risk Analysis 2014
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - PL
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - PT
- ↑ Comprehensive Disaster Management Policy Framework for Trinidad and Tobago
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - RO
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - SK
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - SL
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - ES
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - SV
- ↑ Glossar der Risikobegriffe, Bundesamt für Bevölkerungsschutz BABS, 29.4.2013
- ↑ Glossaire des risques, Office fédéral de la protection de la population, 29.4.2013
- ↑ Glossario sui rischi, Ufficio federale della protezione della popolazione UFPP, 29.4.2013
- ↑ 2016-2019 UlUSAL SİBER GÜVENLİk STRATEJİSİ (National Cyber Security Strategy 2016-2019, Sept. 2016)
- ↑ National Cyber Security Strategy 2016, HM Government
- ↑ Glossary - Revision to Emergency Preparedness, Cabinet Office (2012)
- ↑ The National Adaptation Programme: Making the country resilient to a changing climate, UK Government (2013)
- ↑ Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union
- ↑ DHS Risk Lexicon 2010 Edition, September 2010
- ↑ NISTIR 7298 rev 2: Glossary of Key Information Security Terms, May 2013/FIPS 200
- ↑ NIST Special Publication 800-53 Rev 4: Security and Privacy Controls for Federal Information Systems and Organizations (April 2013) / FIPS 200
- ↑ IETF RFC449 Internet Security Glossary 2
- ↑ ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary
- ↑ ISO Guide 73:2009 Risk management -- Vocabulary
- ↑ ISO/IEC 31000:2009, Risk management -- Principles and guidelines
- ↑ 71.0 71.1 Province of Ontario’s Emergency Management Glossary of Terms