Risk

From CIPedia
Revision as of 16:04, 14 December 2016 by Eluiijf (talk | contribs) (Germany)

Definitions

European Definitions

EU

The possibility of loss, damage or injury having regard to the value placed on the asset by its owner/operator and the impact of loss or change to the asset, and the likelihood that a specific vulnerability will be exploited by a particular threat. [1]


The probability of adverse effects caused by a hazardous phenomenon or substance in an organism, a population, or an ecological system. [2]


European Commission

Risk means any reasonably identifiable circumstance or event having a potential adverse effect on the security of network and information systems. [3] [4]


ENISA

Risk is the potential that a given threat will exploit vulnerabilities of an asset or group of assets and thereby cause harm to the organization (derived from ISO/IEC PDTR 13335-1). [5]



International Definitions

CARICOM

The combination of the probability of an event and its negative consequences. [6]


NATO CEP / EAPC

The possibility of loss, damage or injury. [7]

The level of risk is a condition of two factors: (1) the value placed on the asset by its owner/operator and the impact of loss or change to the asset, and (2) the likelihood that a specific vulnerability will be exploited by a particular threat.

UNISDR

Risk is the combination of the probability of an event and its negative consequences. [8]


Risque (French): the combination of the probability of an event and its negative consequences. [9]


Риск (Russian): the combination of the probability of an event and its negative consequences. [10]


Riesgo (Spanish): the combination of the probability that an event occurs and its negative consequences. [11]


مخاطرة (Arabic; plural مخاطر): the product of the probability of an event occurring and the negative consequences accompanying it. [12]


Risiko (Bahasa Indonesia): the combination of the likelihood of an event occurring and the negative impacts it causes. [13]


Peligro (Tagalog): a dangerous event, substance, human activity or condition that may take lives, harm body and health, destroy property, wreck livelihoods and services, disrupt society and the economy, and destroy the environment. [14]


Peligro (Tagalog): the probability of an event and its negative effects. [15]



Intergovernmental Panel on Climate Change (IPCC)

The potential for consequences where something of value is at stake and where the outcome is uncertain, recognizing the diversity of values. Risk is often represented as probability of occurrence of hazardous events multiplied by the impacts if these events or trends occur. Risk results from the interaction of vulnerability, exposure, and hazard. [16]


National Definitions

Argentina

Riesgo (risk): combination of the probability of occurrence of an event and its consequences or impact. [17]



Australia

The chance of something happening that will have an impact on objectives. It is measured in terms of likelihood and consequence. [18]

[19] provides three other Australian definitions of risk.

Austria

Risiko (risk): all circumstances or events identifiable with reasonable effort that potentially have adverse effects on the security of network and information systems. [20]



Belgium

Risico (risk): any reasonably identifiable circumstance or event with a possible harmful effect on the security of network and information systems. [21]


Risque (risk): any reasonably identifiable circumstance or event having a potential negative impact on the security of network and information systems. [22]



Brazil

Risco (risk): the effect of uncertainty on objectives. [23]



Bulgaria

Риск (risk): means a reasonably identifiable circumstance or event that may have an adverse effect on the security of network and information systems. [24]



Canada

Risk is the combination of the likelihood and the consequence of a specified hazard being realized. [25] [26]

Risk refers to the vulnerability, proximity or exposure to hazards, which affects the likelihood of adverse impact.

Croatia

Rizik (risk): means any reasonably recognisable circumstance or event that has a potential negative effect on the security of network and information systems. [27]



Cyprus

Κίνδυνος (risk): any reasonably identifiable circumstance or event with a potential adverse effect on the security of network and information systems. [28]



Czech Republic

Riziko (risk) is defined as one of: (1) Danger, possibility of damage, loss, failure. (2) Effect of uncertainty on achieving objectives. (3) Possibility that a certain threat would exploit a vulnerability of an asset or group of assets and cause damage to an organization. [29] [30]


Riziko (risk): any reasonably recognisable circumstance or event that could have a negative impact on the security of networks and information systems. [31]



Denmark

Risiko (risk): any reasonably identifiable circumstance or event that has a potential negative impact on the security of network and information systems. [32]



Estonia

Risk (Estonian): a reasonably identifiable circumstance or event that may harm the security of network and information systems. [33]



Finland

Riski (risk): the combination of the probability and consequences of a negative circumstance or event. -unofficial translation- [34]


Riski (risk): any reasonably identifiable situation or event that may adversely affect the security of network and information systems. [35]



France

Risque (risk): any reasonably identifiable circumstance or event having a potential negative impact on the security of network and information systems. [36]



Germany

Likelihood of a serious danger which (a) constitutes a threat to human life, (b) will impair the health of a large number of people, or (c) affects economic activity, public services and technical infrastructures and may cause damage to the environment, in particular animals and plants, the soil, the water, the atmosphere and cultural and material assets. [37]


Risiko (risk): all circumstances or events identifiable with reasonable effort that potentially have adverse effects on the security of network and information systems. [38]


A measure of the probability of the occurrence of a specific harm to a protected asset (Schutzgut), taking into account the potential extent of the harm. [39]


Risk is a possible event that could lead to damage or loss, or could impair the achievement of objectives. [40]



Greece

Κίνδυνος (risk): the combination of the likelihood of occurrence of a natural hazard, a technological event or other disasters and the severity of the damage that can be caused to citizens, to assets, to productive sources and to the infrastructures of a region. [41]


Κίνδυνος (risk): any reasonably identifiable circumstance or event with a potential adverse effect on the security of network and information systems. [42]



Hungary

Kockázat (risk): any reasonably identifiable circumstance or event that may have an adverse effect on the security of network and information systems. [43]



India

Risk is the potential of damage to a system or associated assets that exists as a result of the combination of security threat and vulnerability. [44]



Ireland

Risk is the combination of the likelihood of a hazardous event and its potential impact. [45]


Risk means any reasonably identifiable circumstance or event having a potential adverse effect on the security of network and information systems. [46]



Italy

Rischio (risk): any reasonably identifiable circumstance or event with potential detrimental effects on the security of the network and information systems. [47]



Japan

リスク: (Cyber) risk is an expectation of loss expressed as the probability that a particular threat will exploit a particular vulnerability with a particular harmful result. [48]



Latvia

Risks (risk): any reasonably identifiable circumstance or event that may adversely affect the security of network and information systems. [49]



Lithuania

Rizika (risk): a reasonably identifiable circumstance or event that may have a negative effect on the security of network and information systems. [50]



Luxembourg

Risque (risk): any reasonably identifiable circumstance or event having a potential negative impact on the security of network and information systems. [51]



Malta

Riskju (risk): means any reasonably identifiable circumstance or event that may have a negative effect on the security of networks and information systems. [52]



Netherlands

Risk is the annual loss expectancy (ALE) by the manifestation of threats. [53]


Risico (risk): any reasonably identifiable circumstance or event with a possible harmful effect on the security of network and information systems. [54]


Risico (risk): the product of the probability of a fire breaking out and its effect. [55]


Norway

Risk is always about what might happen in the future, and therefore there is always a degree of uncertainty associated with it. The uncertainty is related to whether a specific adverse event will occur and to the consequences the event will have. [56] [57]



Poland

Ryzyko (risk): means any reasonably determinable circumstance or event that has a potential adverse effect on the security of network and information systems. [58]



Portugal

Risco (risk): a reasonably identifiable circumstance or event with a potential adverse effect on the security of network and information systems. [59]



Republic of Trinidad & Tobago

The combination of the probability of an event and its negative consequences. [60]


Romania

Risc (risk): means any circumstance or event that can be reasonably identified and that has a potential negative effect on the security of network and information systems. [61]



Slovakia

Riziko (risk): any reasonably recognisable circumstance or event that may have an adverse effect on the security of networks and information systems. [62]



Slovenia

Tveganje (risk): means any reasonably determinable circumstance or event that may have a negative effect on the security of network and information systems. [63]



Spain

Riesgo (risk): any reasonably identifiable circumstance or fact that has a possible adverse effect on the security of network and information systems. [64]



Sweden

Risk (Swedish): a reasonably identifiable circumstance or event with a potential negative impact on the security of network and information systems. [65]



Switzerland

Risk is a measure of the magnitude of a hazard and comprises the probability of occurrence and the extent of damage of an undesired event. [66]

"Risk" makes it possible to determine the extent of an endangerment and encompasses the frequency or probability and the extent of damage of an undesired event. [67]

Risk is a yardstick for the size of a threat and involves the frequency or probability of occurrence and the extent of damage of an undesired event. [68]

In critical infrastructure protection, the concept of risk serves as a model both for assessing security issues and for comparing different hazards using the same criteria. The risk model is fundamentally based on two factors:

  • Probability of occurrence of an event;
  • Extent of damage to the population and its livelihoods.

Risks can accordingly be represented as a product determined by the probability of occurrence of an event and the extent of its damage.

Turkey

Risk (Turkish): the potential of threats to cause harm by exploiting a vulnerability in one or more information assets [69]



United Kingdom (UK)

(cyber) Risk is the potential that a given cyber threat will exploit the vulnerabilities of an information system and cause harm. [70]


Risk is a measure of the significance of a potential emergency in terms of its assessed likelihood and impact. [71]


Risk combines the chance that an event will occur with how large its impact could be, in social, economic or environmental terms. [72]

For example: the costs of damage, number of people affected or areas of land affected by a specific climate effect.

Risk means any reasonably identifiable circumstance or event having a potential adverse effect on the security of network and information systems. [73]



United States

DHS

The potential for an unwanted outcome resulting from an incident, event, or occurrence, as determined by its likelihood and the associated consequences. [74]

NIST

The level of impact on organizational operations (including mission, functions, image, or reputation), organizational assets, or individuals resulting from the operation of an information system given the potential impact of a threat and the likelihood of that threat occurring. [75]


Risk is a measure of the extent to which an entity is threatened by a potential circumstance or event, and typically a function of: (i) the adverse impacts that would arise if the circumstance or event occurs; and (ii) the likelihood of occurrence. [76]



Standard Definitions

IETF

An expectation of loss expressed as the probability that a particular threat will exploit a particular vulnerability with a particular harmful result. [77]


ISO/IEC 27000:2014

Effect of uncertainty on objectives. [78] (based on the ISO Guide 73:2009[79])

  • An effect is a deviation from the expected — positive or negative.
  • Uncertainty is the state, even partial, of deficiency of information related to, understanding or knowledge of, an event (2.25), its consequence, or likelihood.
  • Risk is often characterized by reference to potential events and consequences, or a combination of these.
  • Risk is often expressed in terms of a combination of the consequences of an event (including changes in circumstances) and the associated likelihood of occurrence.
  • In the context of information security management systems, information security risks can be expressed as effect of uncertainty on information security objectives.
  • Information security risk is associated with the potential that threats will exploit vulnerabilities of an information asset or group of information assets and thereby cause harm to an organization.


ISO/IEC 31000:2009

Effect of uncertainty on objectives. [80]


Other Definitions

EM-DAT

Risk is the expected losses (of lives, persons injured, property damaged and economic activity disrupted) due to a particular hazard for a given area and reference period. Based on mathematical calculations, risk is the product of hazard and vulnerability. [81]



Ontario (Canada)

Risk is the product of the probability of the occurrence of a hazard and its consequences. [82]


Notes

  1. EC COM(2006) 787 final, Directive of the Council on the identification and designation of European Critical Infrastructure and the assessment of the need to improve their protection, EC, Brussels 12.12.2006.
  2. European Commission's CBRN Glossary, 2012
  3. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union
  4. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union
  5. ENISA Risk Glossary
  6. Caribbean Disaster Emergency Management Agency (CDEMA) Regional Comprehensive Disaster Management Strategy and Results Framework 2014-2024
  7. NATO EAPC(SCEPC) lexicon 2003.
  8. 2009 UNISDR Terminology on Disaster Risk Reduction, United Nations International Strategy for Disaster Reduction (UNISDR), Geneva, Switzerland, May 2009.
  9. UNISDR glossary
  10. UNISDR glossary
  11. UNISDR glossary
  12. UNISDR glossary
  13. UNISDR glossary in Bahasa
  14. UNISDR glossary in Tagalog
  15. UNISDR glossary in Tagalog
  16. Mach, K.J., S. Planton and C. von Stechow (eds.). Climate Change 2014: Synthesis Report. Contribution of Working Groups I, II and III to the Fifth Assessment Report of the Intergovernmental Panel on Climate Change. Annex II: Glossary. [Core Writing Team, R.K. Pachauri and L.A. Meyer (eds.)]. IPCC, Geneva, Switzerland, pp. 117-130.
  17. Oficina Nacional de Tecnologías de Información ADMINISTRACION PUBLICA NACIONAL Disposición 3/2013 - Apruébase la “Política de Seguridad de la Información Modelo” (2013)
  18. Glossary of the Government of Queensland
  19. Australian Emergency Management Glossary, Emergency Management Australia (1998)
  20. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - DE
  21. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - NL
  22. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - FR
  23. GUIA DE REFERÊNCIA PARA A SEGURANÇA DAS INFRAESTRUTURAS CRÍTICAS DA INFORMAÇÃO Versão 01 (Nov. 2010)
  24. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - BG
  25. An Emergency Management Framework for Canada (Second Edition)
  26. Vocabulaire de la gestion des urgences / Emergency Management Vocabulary 281 (2012)
  27. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - HR
  28. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union – EL
  29. Výkladový slovník kybernetické bezpečnosti (2013)
  30. Act No. 181 of 23 July 2014 On Cyber Security and Change of Related Acts (Act on Cyber Security)
  31. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - CS
  32. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - DA
  33. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - ET
  34. Vocabulary of Comprehensive Security. Helsinki (TSK 47) (2014)
  35. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - FI
  36. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - FR
  37. Protection of Critical Infrastructures – Baseline Protection Concept: Recommendation for Companies, BMI.
  38. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - DE
  39. Glossar BBK
  40. BSI Glossary
  41. General Civil Protection Plan "Xenocrates"(Γενικό σχέδιο Πολιτικής Προστασίας "Ξενοκράτης")
  42. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union – EL
  43. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - HU
  44. India's DGQA Cyber Security Policy (2015)
  45. A FRAMEWORK FOR MAJOR EMERGENCY MANAGEMENT (APPENDICES)
  46. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union
  47. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - IT
  48. RFC2828 (Japanese translation)
  49. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - LV
  50. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - LT
  51. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - FR
  52. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - MT
  53. Zakboekje Preventie Cybercrime (2008)
  54. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - NL
  55. Risicobeoordeling 16.0: Een kansrijk kader; Theorie achter het risicomanagementproces en leidraad voor risicobeoordeling, June 2015
  56. DSB, National Risikobild 2014
  57. DSB, National Risk Analysis 2014
  58. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - PL
  59. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - PT
  60. Comprehensive Disaster Management Policy Framework for Trinidad and Tobago
  61. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - RO
  62. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - SK
  63. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - SL
  64. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - ES
  65. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union - SV
  66. Glossar der Risikobegriffe, Bundesamt für Bevölkerungsschutz BABS, 29.4.2013
  67. Glossaire des risques, Office fédéral de la protection de la population, 29.4.2013
  68. Glossario sui rischi, Ufficio federale della protezione della popolazione UFPP, 29.4.2013
  69. 2016-2019 ULUSAL SİBER GÜVENLİK STRATEJİSİ (National Cyber Security Strategy 2016-2019, Sept. 2016)
  70. National Cyber Security Strategy 2016, HM Government
  71. Glossary - Revision to Emergency Preparedness, Cabinet Office (2012)
  72. The National Adaptation Programme: Making the country resilient to a changing climate, UK Government (2013)
  73. Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union
  74. DHS Risk Lexicon 2010 Edition, September 2010
  75. NISTIR 7298 rev 2: Glossary of Key Information Security Terms, May 2013/FIPS 200
  76. NIST Special Publication 800-53 Rev 4: Security and Privacy Controls for Federal Information Systems and Organizations (April 2013) / FIPS 200
  77. IETF RFC 4949, Internet Security Glossary, Version 2
  78. ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary
  79. ISO Guide 73:2009 Risk management -- Vocabulary
  80. ISO/IEC 31000:2009, Risk management -- Principles and guidelines
  81. EM-DAT disaster database glossary
  82. Province of Ontario’s Emergency Management Glossary of Terms