Difference between revisions of "Risk Analysis"
Line 15: | Line 15: | ||
{{definition|Process to comprehend the nature of risk and to determine the level of [[risk]]. <ref> [http://www.risknz.org.nz/files/3114/0868%2F4596%2F5050-2010.pdf Australia AS NZS 5050 (2010)]</ref>}}<br /> | {{definition|Process to comprehend the nature of risk and to determine the level of [[risk]]. <ref> [http://www.risknz.org.nz/files/3114/0868%2F4596%2F5050-2010.pdf Australia AS NZS 5050 (2010)]</ref>}}<br /> | ||
+ | ==== [[Austria]] ==== | ||
+ | {{definition|Risikoanalyse die Prüfung relevanter Bedrohungsszenarien, um die Schwachstellen und mögliche Auswirkungen einer Störung oder Zerstörung kritischer Infrastrukturen zu bewerten. <ref> [http://eur-lex.europa.eu/legal-content/DE/TXT/PDF/?uri=CELEX:32008L0114&from=EN Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref>}}<br /><br /> | ||
+ | ==== [[Belgium]] ==== | ||
+ | {{definition|Risicoanalyse: bestudering van relevante dreigingsscenario’s om de kwetsbaarheid en de mogelijke gevolgen van de verstoring of vernietiging van kritieke infrastructuur te beoordelen. <ref>[http://eur-lex.europa.eu/legal-content/NL/TXT/PDF/?uri=CELEX:32008L0114&from=EN Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref>}} <br /><br /> | ||
+ | {{definition|Analyse de risques: examen des scénarios de menace pertinents destiné à évaluer les vulnérabilités [[Critical Infrastructure|d’infrastructures critiques]] et les impacts potentiels de leur arrêt ou destruction. <ref>[http://eur-lex.europa.eu/legal-content/FR/TXT/PDF/?uri=CELEX:32008L0114&from=EN Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref>}}<br /><br /> | ||
+ | |||
==== [[Brazil]] ==== | ==== [[Brazil]] ==== | ||
{{definition|Análise de riscos: análise e avaliação das vulnerabilidades das redes e dos sistemas que suportam a oferta de serviços, fundamentadas na hierarquização dos elementos necessários à prestação dos serviços. <ref>[http://www.itu.int/en/ITU-D/Cybersecurity/Documents/National_Strategies_Repository/Brazil_2012_Orig.pdf REGULAMENTO SOBRE GESTÃO DE RISCO DAS REDES DE TELECOMUNICAÇÕES E USO DE SERVIÇOS DE TELECOMUNICAÇÕES EM SITUAÇÕES DE EMERGÊNCIA E DESASTRES (2012)]</ref>}}<br /> | {{definition|Análise de riscos: análise e avaliação das vulnerabilidades das redes e dos sistemas que suportam a oferta de serviços, fundamentadas na hierarquização dos elementos necessários à prestação dos serviços. <ref>[http://www.itu.int/en/ITU-D/Cybersecurity/Documents/National_Strategies_Repository/Brazil_2012_Orig.pdf REGULAMENTO SOBRE GESTÃO DE RISCO DAS REDES DE TELECOMUNICAÇÕES E USO DE SERVIÇOS DE TELECOMUNICAÇÕES EM SITUAÇÕES DE EMERGÊNCIA E DESASTRES (2012)]</ref>}}<br /> | ||
+ | ==== [[Bulgaria]] ==== | ||
+ | {{definition|анализ на риска означава отчитане на съответните сценарии за действие при различни заплахи, с цел да се направи оценка на уязвимостта и на потенциалните последици от наруша¬ ването или унищожаването на критична инфраструктура. <ref> [http://eur-lex.europa.eu/legal-content/BG/TXT/PDF/?uri=CELEX:32008L0114&from=EN Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref>}}<br /><br /> | ||
==== [[Canada]] ==== | ==== [[Canada]] ==== | ||
Line 23: | Line 31: | ||
==== [[Croatia]] ==== | ==== [[Croatia]] ==== | ||
− | {{definition|Analiza rizika označava razmatranje mogućih scenarija prijetnji kako bi se ocijenile ranjivosti i mogući učinak poremećaja u radu kritične infrastrukture ili njezina uništenja. <ref>[http://www.zakon.hr/z/591/Zakon-o-kriti%C4%8Dnim-infrastrukturama Zakon o kritičnim infrastrukturama (Critical infrastructure act), 2013, in Official Gazette, No 56/2013 (Croat.)]</ref><br><br>Risk analysis indicates consideration of possible scenarios of [[Threat|threats]] to evaluate the [[vulnerability]] and the potential [[impact]] of disturbances in the critical infrastructure or its destruction.}} | + | {{definition|Analiza rizika označava razmatranje mogućih scenarija prijetnji kako bi se ocijenile ranjivosti i mogući učinak poremećaja u radu kritične infrastrukture ili njezina uništenja. <ref>[http://www.zakon.hr/z/591/Zakon-o-kriti%C4%8Dnim-infrastrukturama Zakon o kritičnim infrastrukturama (Critical infrastructure act), 2013, in Official Gazette, No 56/2013 (Croat.)]</ref><br><br>Risk analysis indicates consideration of possible scenarios of [[Threat|threats]] to evaluate the [[vulnerability]] and the potential [[impact]] of disturbances in the critical infrastructure or its destruction.}}<br /><br /> |
− | <br /> | + | {{definition|Analiza rizika znači razmatranje odgovarajućih scenarija opasnosti kako bi se ocijenile slabosti i mogući učinak poremećaja u radu ili uništenja [[Critical Infrastructure|kritične infrastrukture]]. <ref> [http://eur-lex.europa.eu/legal-content/HR/TXT/PDF/?uri=CELEX:32008L0114&from=EN Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref>}}<br /><br /> |
====[[Czech Republic]]==== | ====[[Czech Republic]]==== | ||
− | {{definition|Proces pochopení povahy rizika a stanovení úrovně rizika. <ref>[http://www.govcert.cz/download/nodeid-561 Výkladový slovník kybernetické bezpečnosti (2013)]</ref><br/><br/>Process of understanding the nature of risks and establishing a risk level. <ref>[http://www.govcert.cz/download/nodeid-3555/ Cyber Security Explanatory Glossary (2013)]</ref>}}<br /> | + | {{definition|Proces pochopení povahy rizika a stanovení úrovně rizika. <ref>[http://www.govcert.cz/download/nodeid-561 Výkladový slovník kybernetické bezpečnosti (2013)]</ref><br/><br/>Process of understanding the nature of risks and establishing a risk level. <ref>[http://www.govcert.cz/download/nodeid-3555/ Cyber Security Explanatory Glossary (2013)]</ref>}}<br /><br/> |
+ | {{definition|Analýzou rizik zvážení relevantních scénářů hrozeb s cílem posoudit zranitelnost a možný dopad narušení nebo zničení [[Critical Infrastructure|kritické infrastruktury]]. <ref>[http://eur-lex.europa.eu/legal-content/CS/TXT/PDF/?uri=CELEX:32008L0114&from=EN Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref>}}<br /><br /> | ||
==== [[Denmark]] ==== | ==== [[Denmark]] ==== | ||
− | {{definition|Risikoanalyse: overvejelse af relevante trusselsscenarier for at vurdere sårbarheden og de potentielle konsekvenser af, at kritisk infrastruktur afbrydes eller ødelægges. <ref>[https://www.retsinformation.dk/Forms/R0710.aspx?id=135381 Bekendtgørelse om identifikation og udpegning af europæisk kritisk infrastruktur på energiområdet og vurdering af behovet for bedre beskyttelse ([[EPCIP]]-direktivet)]</ref>}}<br /> | + | {{definition|Risikoanalyse: overvejelse af relevante trusselsscenarier for at vurdere sårbarheden og de potentielle konsekvenser af, at kritisk infrastruktur afbrydes eller ødelægges. <ref>[https://www.retsinformation.dk/Forms/R0710.aspx?id=135381 Bekendtgørelse om identifikation og udpegning af europæisk kritisk infrastruktur på energiområdet og vurdering af behovet for bedre beskyttelse ([[EPCIP]]-direktivet)]</ref> <ref>[http://eur-lex.europa.eu/legal-content/DA/TXT/PDF/?uri=CELEX:32008L0114&from=EN Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref>}}<br /> |
+ | ==== [[Estonia]] ==== | ||
+ | {{definition|Riskianalüüs” – asjakohaste ohustsenaariumitega arvestamine, eesmärgiga hinnata haavatavust ning elutähtsate [[Critical Infrastructure|infrastruktuuride kahjustada]] saamise või hävimise võimalikku mõju. <ref>[http://eur-lex.europa.eu/legal-content/ET/TXT/PDF/?uri=CELEX:32008L0114&from=EN Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref>}}<br /><br /> | ||
+ | ==== [[Finland]] ==== | ||
+ | {{definition|Riskianalyysillä asiaa koskevien uhkakuvien tarkastelua elintärkeän infrastruktuurin haavoittuvuuden ja sen vahingoittumisen tai tuhoutumisen mahdollisten seurausten arvioimiseksi. <ref>[http://eur-lex.europa.eu/legal-content/FI/TXT/PDF/?uri=CELEX:32008L0114&from=EN Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref>}}<br /><br /> | ||
+ | ==== [[France]] ==== | ||
+ | {{definition|Analyse de risques: examen des scénarios de menace pertinents destiné à évaluer les vulnérabilités d’infrastructures critiques et les impacts potentiels de leur arrêt ou destruction. <ref>[http://eur-lex.europa.eu/legal-content/FR/TXT/PDF/?uri=CELEX:32008L0114&from=EN Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref>}}<br /><br /> | ||
+ | ==== [[Germany]] ==== | ||
+ | {{definition|Risikoanalyse die Prüfung relevanter Bedrohungsszenarien, um die Schwachstellen und mögliche Auswirkungen einer Störung oder Zerstörung [[Critical Infrastructure|kritischer Infrastrukturen]] zu bewerten. <ref> [http://eur-lex.europa.eu/legal-content/DE/TXT/PDF/?uri=CELEX:32008L0114&from=EN Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref>}}<br /><br /> | ||
==== [[Greece]] ==== | ==== [[Greece]] ==== | ||
− | {{definition|Ως «ανάλυση κινδύνων» νοείται η ανάλυση των σχετικών σεναρίων περί απειλών, προκειμένου να αξιολογηθούν τα τρωτά σημεία και οι δυνητικές επιπτώσεις της διακοπής λειτουργίας ή της καταστροφής υποδομών ζωτικής σημασίας.<ref>[http://www.kemea.gr/documents/pd39-2011.pdf Προεδρικό Διάταγμα 39/2011 της Ελληνικής Δημοκρατίας που αφορά την προσαρμογή της ελληνικής νομοθεσίας προς τις διατάξεις τις οδηγίας 2008/114/ΕΚ του Συμβουλίου της Ευρωπαϊκής Ένωσης.]</ref><br /><br />(equals EU definition) }}<br /><br /> | + | {{definition|Ως «ανάλυση κινδύνων» νοείται η ανάλυση των σχετικών σεναρίων περί απειλών, προκειμένου να αξιολογηθούν τα τρωτά σημεία και οι δυνητικές επιπτώσεις της διακοπής λειτουργίας ή της καταστροφής υποδομών ζωτικής σημασίας.<ref>[http://www.kemea.gr/documents/pd39-2011.pdf Προεδρικό Διάταγμα 39/2011 της Ελληνικής Δημοκρατίας που αφορά την προσαρμογή της ελληνικής νομοθεσίας προς τις διατάξεις τις οδηγίας 2008/114/ΕΚ του Συμβουλίου της Ευρωπαϊκής Ένωσης.]</ref> <ref> [http://eur-lex.europa.eu/legal-content/EL/TXT/PDF/?uri=CELEX:32008L0114&from=EN Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref><br /><br />(equals EU definition) }}<br /><br /> |
====[[Finland]]==== | ====[[Finland]]==== | ||
{{definition|Riskianalyysi: toiminta, jossa tunnistetaan riskit ja arvioidaan vahinkotapahtuman todennäköisyys sekä odotettavissa olevat vahingot.<br/><br/>Risk analysis is the action for identifying [[risk]] and estimating the probability of a damaging [[event]] as well as anticipated [[damage|damages]]. -''unofficial translation''- <ref name=TSK>[http://www.spek.fi/loader.aspx?id=1c66e01d-a75e-4a9a-80ec-9816340ce752 Vocabulary of Comprehensive Security. Helsinki (TSK 47) (2014)]</ref>}}<br /> | {{definition|Riskianalyysi: toiminta, jossa tunnistetaan riskit ja arvioidaan vahinkotapahtuman todennäköisyys sekä odotettavissa olevat vahingot.<br/><br/>Risk analysis is the action for identifying [[risk]] and estimating the probability of a damaging [[event]] as well as anticipated [[damage|damages]]. -''unofficial translation''- <ref name=TSK>[http://www.spek.fi/loader.aspx?id=1c66e01d-a75e-4a9a-80ec-9816340ce752 Vocabulary of Comprehensive Security. Helsinki (TSK 47) (2014)]</ref>}}<br /> | ||
+ | === [[Hungary]] === | ||
+ | {{definition|Kockázatelemzés: a vonatkozó fenyegetettségi forgató¬ könyvek vizsgálata a kritikus infrastruktúrák sebezhetősé¬ gének, valamint a megzavarásuk vagy megsemmisítésük által okozott potenciális hatásnak az értékelése céljából. <ref> [http://eur-lex.europa.eu/legal-content/HU/TXT/PDF/?uri=CELEX:32008L0114&from=EN Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref>}}<br /><br /> | ||
====[[India]]==== | ====[[India]]==== | ||
− | {{definition|Risk analysis is the process of identifying security risks, determining their magnitude, and identifying areas needing safeguards. <ref>[http://www.dgqadefence.gov.in/documents/pdf/cyber-security-policy-dgqa-2015.pdf India's DGQA Cyber Security Policy (2015)] </ref>}} <br /> | + | {{definition|Risk analysis is the process of identifying security risks, determining their magnitude, and identifying areas needing safeguards. <ref>[http://www.dgqadefence.gov.in/documents/pdf/cyber-security-policy-dgqa-2015.pdf India's DGQA Cyber Security Policy (2015)] </ref>}} <br /><br/> |
+ | |||
+ | ==== [[Ireland]] ==== | ||
+ | {{definition|Risk analysis means consideration of relevant threat scenarios, in order to assess the [[vulnerability]] and the potential [[impact]] of [[disruption]] or [[destruction]] of [[Critical Infrastructure|critical infrastructure]]. <ref> [http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32008L0114&from=EN Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref>}}<br /><br /> | ||
+ | |||
==== [[Italy]] ==== | ==== [[Italy]] ==== | ||
− | {{definition|Analisi dei rischi: valutazione della vulnerabilita' di una ICE rispetto alle diverse possibili minacce e prevedibili conseguenze del danneggiamento o distruzione della stessa, in termini di effetti negativi esterni e intrinseci. <ref>[http://gazzette.comune.jesi.an.it/2011/102/1.htm DECRETO LEGISLATIVO 11 aprile 2011 , n. 61 Attuazione della Direttiva 2008/114/CE recante l'individuazione e la designazione delle infrastrutture critiche europee e la valutazione della necessita' di migliorarne la protezione. (11G0101]</ref>}} | + | {{definition|Analisi dei rischi: valutazione della vulnerabilita' di una ICE rispetto alle diverse possibili minacce e prevedibili conseguenze del danneggiamento o distruzione della stessa, in termini di effetti negativi esterni e intrinseci. <ref>[http://gazzette.comune.jesi.an.it/2011/102/1.htm DECRETO LEGISLATIVO 11 aprile 2011 , n. 61 Attuazione della Direttiva 2008/114/CE recante l'individuazione e la designazione delle infrastrutture critiche europee e la valutazione della necessita' di migliorarne la protezione. (11G0101]</ref> <ref> [http://eur-lex.europa.eu/legal-content/IT/TXT/PDF/?uri=CELEX:32008L0114&from=EN Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref>}} |
− | <br /> | + | <br /><br /> |
+ | ==== [[Latvia]] ==== | ||
+ | {{definition|Apdraudējumu analīze ir apsvērumi par attiecīgiem apdraudējuma scenārijiem, lai izvērtētu neaizsargātības pakāpi un ietekmi, ko varētu radīt kritiskās infrastruktūras darbības traucējumi vai tās iznīcināšana. <ref>[http://eur-lex.europa.eu/legal-content/LV/TXT/PDF/?uri=CELEX:32008L0114&from=EN Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref>}}<br /><br /> | ||
+ | ==== [[Lithuania]] ==== | ||
+ | {{definition|Rizikos analizė – atitinkamų grėsmės scenarijų nagrinėjimas, siekiant įvertinti ypatingos svarbos infrastruktūros objekto pažeidžiamumą ir veikimo sutrikdymo arba sunaikinimo galimą poveikj. <ref>[http://eur-lex.europa.eu/legal-content/LT/TXT/PDF/?uri=CELEX:32008L0114&from=EN Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref>}}<br /><br /> | ||
==== [[Luxembourg]] ==== | ==== [[Luxembourg]] ==== | ||
− | {{definition|Analyse de risques: examen des scénarios de menace pertinents destiné à évaluer les vulnerabilities [[Critical Infrastructure|d'infrastructures critiques]] et les [[Impact|impacts]] potentiels de leur arrêt ou destruction. <ref>[http://www.legilux.public.lu/rgl/2012/A/0449/A.pdf Règlement grand-ducal du 12 mars 2012 portant application de la directive 2008/114/CE du Conseil du 8 décembre 2008 ]</ref>}} <br /> | + | {{definition|Analyse de risques: examen des scénarios de menace pertinents destiné à évaluer les vulnerabilities [[Critical Infrastructure|d'infrastructures critiques]] et les [[Impact|impacts]] potentiels de leur arrêt ou destruction. <ref>[http://www.legilux.public.lu/rgl/2012/A/0449/A.pdf Règlement grand-ducal du 12 mars 2012 portant application de la directive 2008/114/CE du Conseil du 8 décembre 2008 ]</ref> <ref>[http://eur-lex.europa.eu/legal-content/FR/TXT/PDF/?uri=CELEX:32008L0114&from=EN Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref>}} <br /> |
+ | === [[Malta]] === | ||
+ | {{definition|Analiżi tar-riskju tfisser il-konsiderazzjoni ta’ xenarji ta’ theddid relevanti, sabiex tiġi valutata l-vulnerabbiltà u limpatt potenzjali ta’ interuzzjoni jew qerda ta’ infrastruttura kritika. <ref>[http://eur-lex.europa.eu/legal-content/MT/TXT/PDF/?uri=CELEX:32008L0114&from=EN Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref>}}<br /><br /> | ||
==== [[Netherlands]]==== | ==== [[Netherlands]]==== | ||
{{definition|Risk analysis is a method which takes stock of the [[risk]], which [[risk]] factors are unacceptable, and which [[measure|measures]] can mitigate the risk.<br/><br/>Risicoanalyse is een methode die inventariseert welke risico's er zijn, welke daarvan onacceptabel zijn en welke maatregelen de risico's kunnen reduceren. <ref>[http://www.pblq.nl/media/63123/HEC%20Zakboekje%20preventie%20cybercrime.pdf Zakboekje Preventie Cybercrime (2008]</ref>}}<br /> | {{definition|Risk analysis is a method which takes stock of the [[risk]], which [[risk]] factors are unacceptable, and which [[measure|measures]] can mitigate the risk.<br/><br/>Risicoanalyse is een methode die inventariseert welke risico's er zijn, welke daarvan onacceptabel zijn en welke maatregelen de risico's kunnen reduceren. <ref>[http://www.pblq.nl/media/63123/HEC%20Zakboekje%20preventie%20cybercrime.pdf Zakboekje Preventie Cybercrime (2008]</ref>}}<br /> | ||
+ | {{definition|Risicoanalyse: bestudering van relevante dreigingsscenario’s om de kwetsbaarheid en de mogelijke gevolgen van de verstoring of vernietiging van kritieke infrastructuur te beoordelen. <ref>[http://eur-lex.europa.eu/legal-content/NL/TXT/PDF/?uri=CELEX:32008L0114&from=EN Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref>}} <br /><br /> | ||
+ | === [[Poland]] === | ||
+ | {{definition|Analiza ryzyka oznacza uwzględnianie stosownych metod postępowania w przypadku zaistnienia zagrożeń, aby ocenić słabe punkty i potencjalne skutki zakłócenia lub zniszczenia infrastruktury krytycznej. <ref>[http://eur-lex.europa.eu/legal-content/PL/TXT/PDF/?uri=CELEX:32008L0114&from=EN Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref>}}<br /><br /> | ||
+ | === [[Portugal]] === | ||
+ | {{definition|Análise de risco, a ponderação dos cenários de ameaça relevantes, a fim de avaliar a vulnerabilidade e o potencial impacto da perturbação ou destruição de uma infra-estrutura crítica. <ref>[http://eur-lex.europa.eu/legal-content/PT/TXT/PDF/?uri=CELEX:32008L0114&from=EN Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref>}}<br /><br /> | ||
+ | === [[Romania]] === | ||
+ | {{definition|Analiză de risc înseamnă analizarea scenariilor de amenințări semnificative, pentru a evalua vulnerabilitatea și impactul potențial al perturbării sau al distrugerii infrastructurii critice. <ref>[http://eur-lex.europa.eu/legal-content/RO/TXT/PDF/?uri=CELEX:32008L0114&from=EN Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref>}}<br /><br /> | ||
+ | === [[Slovakia]] === | ||
+ | {{definition|Analýza rizík je zváženie relevantných scenárov hrozieb s cieľom posúdiť zraniteľné miesta a potenciálny vplyv naru¬ šenia alebo zničenia kritickej infraštruktúry. <ref> [http://eur-lex.europa.eu/legal-content/SK/TXT/PDF/?uri=CELEX:32008L0114&from=EN Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref>}}<br /><br /> | ||
+ | === [[Slovenia]] === | ||
+ | {{definition|Analiza tveganja pomeni obravnavo ustreznih scenarijev nevarnosti, da se ocenijo šibke točke in morebitne posledice okvare ali uničenja kritične infrastrukture. <ref> [http://eur-lex.europa.eu/legal-content/SL/TXT/PDF/?uri=CELEX:32008L0114&from=EN Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref>}}<br /><br /> | ||
+ | === [[Spain]] === | ||
+ | {{definition|Análisis de riesgos, el estudio de hipótesis de amenazas posibles, para evaluar las vulnerabilidades y las posibles repercusiones de la perturbación o destrucción de [[Critical Infrastructure|infraestructuras críticas]]. <ref> [http://eur-lex.europa.eu/legal-content/ES/TXT/PDF/?uri=CELEX:32008L0114&from=EN Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref>}}<br /><br /> | ||
+ | === [[Sweden]] === | ||
+ | {{definition|Riskanalys: övervägande av relevanta hotbilder, för att bedöma sårbarhet och potentiella konsekvenser av driftsstörning eller förstörelse av [[Critical Infrastructure|kritisk infrastruktur]]. <ref> [http://eur-lex.europa.eu/legal-content/SV/TXT/PDF/?uri=CELEX:32008L0114&from=EN Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref>}}<br /><br /> | ||
==== [[Switzerland]]==== | ==== [[Switzerland]]==== | ||
Line 60: | Line 104: | ||
{{definition|L'analisi dei rischi rileva e descrive sistematicamente i [[Risk|rischi]] in un determinato sistema. <ref>[http://www.bevoelkerungsschutz.admin.ch/internet/bs/it/home/themen/gefaehrdungen-risiken.parsysrelated1.49227.downloadList.52339.DownloadFile.tmp/20130422glossarit.pdf Glossario sui rischi, Ufficio federale della protezione della popolazione UFPP, 29.4.2013]</ref>}} | {{definition|L'analisi dei rischi rileva e descrive sistematicamente i [[Risk|rischi]] in un determinato sistema. <ref>[http://www.bevoelkerungsschutz.admin.ch/internet/bs/it/home/themen/gefaehrdungen-risiken.parsysrelated1.49227.downloadList.52339.DownloadFile.tmp/20130422glossarit.pdf Glossario sui rischi, Ufficio federale della protezione della popolazione UFPP, 29.4.2013]</ref>}} | ||
Vi rientra la stima del livello dei [[Risk|rischi]], spesso in forma di una classificazione degli scenari considerati in funzione della loro frequenza e dell’�entità dei danni. L'analisi dei rischi cerca di rispondere alla domanda «che cosa potrebbe succedere?».<br/><br/> | Vi rientra la stima del livello dei [[Risk|rischi]], spesso in forma di una classificazione degli scenari considerati in funzione della loro frequenza e dell’�entità dei danni. L'analisi dei rischi cerca di rispondere alla domanda «che cosa potrebbe succedere?».<br/><br/> | ||
+ | === [[United Kingdom]] === | ||
+ | {{definition|Risk analysis means consideration of relevant threat scenarios, in order to assess the [[vulnerability]] and the potential [[impact]] of [[disruption]] or [[destruction]] of [[Critical Infrastructure|critical infrastructure]]. <ref> [http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32008L0114&from=EN Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.]</ref>}}<br /><br /> | ||
====[[United States]]==== | ====[[United States]]==== | ||
Line 94: | Line 140: | ||
[[Category:Risk]] | [[Category:Risk]] | ||
[[Category:Analysis]] | [[Category:Analysis]] | ||
− | {{#set:defined by=EU|defined by=ENISA|defined by=Australia|defined by=Brazil|defined by=Canada|defined by=Croatia|defined by=Czech Republic|defined by=Denmark|defined by=Greece|defined by= | + | {{#set:defined by=EU|defined by=ENISA|defined by=Australia|defined by=Brazil|defined by=Canada|defined by=Austria|defined by=Belgium|defined by=Bulgaria|defined by=Croatia|defined by=Czech Republic|defined by=Denmark|defined by=Estonia|defined by=Finland|defined by=France|defined by=Germany|defined by=Greece|defined by=Hungary|defined by=Ireland|defined by=Italy|defined by=Latvia|defined by= Lithuania|defined by=Luxembourg|defined by=Malta|defined by=Netherlands|defined by=Poland|defined by=Portugal|defined by=Romania|defined by=Slovakia|defined by=Slovenia|defined by=Spain|defined by=Sweden|defined by=United Kingdom|defined by=India|defined by=United States|defined by=Uruguay|defined by=ISO|defined by=IETF|defined by=NIST}} |
Revision as of 00:49, 26 November 2016
Contents
Definitions
European Definitions
Council Directive 2008/114/EC
ENISA
National Definitions
Australia
Austria
Belgium
Brazil
Bulgaria
Canada
Processus mis en œuvre pour comprendre la nature d’un risqué et pour déterminer son niveau. [11]
Croatia
Risk analysis indicates consideration of possible scenarios of threats to evaluate the vulnerability and the potential impact of disturbances in the critical infrastructure or its destruction.
Czech Republic
Process of understanding the nature of risks and establishing a risk level. [15]
Denmark
Estonia
Finland
France
Germany
Greece
(equals EU definition)
Finland
Risk analysis is the action for identifying risk and estimating the probability of a damaging event as well as anticipated damages. -unofficial translation- [25]
Hungary
India
Ireland
Italy
Latvia
Lithuania
Luxembourg
Malta
Netherlands
Risicoanalyse is een methode die inventariseert welke risico's er zijn, welke daarvan onacceptabel zijn en welke maatregelen de risico's kunnen reduceren. [36]
Poland
Portugal
Romania
Slovakia
Slovenia
Spain
Sweden
Switzerland
Dazu gehört die Einschätzung der Höhe der Risiken, oft in Form einer Einstufung der betrachteten Szenarien bzgl. ihrer Eintrittswahrscheinlichkeit und Schadensausmasses.
Die Risikoanalyse befasst sich mit der Frage «was kann passieren?».
L’appréciation du niveau des risques, souvent sous forme d’une classification des scénarios considérés en function de leur [Probability|probabilité]] d’occurrence et de l’ampleur des dommages envisagés en fait partie. L’analyse des risques traite de la question «que peut-il arriver?».
Vi rientra la stima del livello dei rischi, spesso in forma di una classificazione degli scenari considerati in funzione della loro frequenza e dell’�entità dei danni. L'analisi dei rischi cerca di rispondere alla domanda «che cosa potrebbe succedere?».
United Kingdom
United States
NIST
Uruguay
Standard Definition
IETF
ISO/IEC 27000:2014 and ISO 31000:2009
Level of risk is expressed in terms of the combination of consequences and their likelihood.
- Risk analysis provides the basis for Risk Evaluation and decisions about Risk Treatment.
- Risk analysis includes Risk Estimation.
See also
Notes
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ ENISA Risk Glossary
- ↑ Australian Emergency Management Glossary, Emergency Management Australia (1998)
- ↑ Australia AS NZS 5050 (2010)
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ REGULAMENTO SOBRE GESTÃO DE RISCO DAS REDES DE TELECOMUNICAÇÕES E USO DE SERVIÇOS DE TELECOMUNICAÇÕES EM SITUAÇÕES DE EMERGÊNCIA E DESASTRES (2012)
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Derived from ISO 31000:2009
- ↑ Vocabulaire de la gestion des urgencies/Emergency Management Emergency Management Vocabulary 281 (2012)
- ↑ Zakon o kritičnim infrastrukturama (Critical infrastructure act), 2013, in Official Gazette, No 56/2013 (Croat.)
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Výkladový slovník kybernetické bezpečnosti (2013)
- ↑ Cyber Security Explanatory Glossary (2013)
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Bekendtgørelse om identifikation og udpegning af europæisk kritisk infrastruktur på energiområdet og vurdering af behovet for bedre beskyttelse (EPCIP-direktivet)
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Προεδρικό Διάταγμα 39/2011 της Ελληνικής Δημοκρατίας που αφορά την προσαρμογή της ελληνικής νομοθεσίας προς τις διατάξεις τις οδηγίας 2008/114/ΕΚ του Συμβουλίου της Ευρωπαϊκής Ένωσης.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Vocabulary of Comprehensive Security. Helsinki (TSK 47) (2014)
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ India's DGQA Cyber Security Policy (2015)
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ DECRETO LEGISLATIVO 11 aprile 2011 , n. 61 Attuazione della Direttiva 2008/114/CE recante l'individuazione e la designazione delle infrastrutture critiche europee e la valutazione della necessita' di migliorarne la protezione. (11G0101
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Règlement grand-ducal du 12 mars 2012 portant application de la directive 2008/114/CE du Conseil du 8 décembre 2008
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Zakboekje Preventie Cybercrime (2008
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ Leitfaden Schutz kritischer Infrastrukturen 2015 / Glossar der Risikobegriffe, Bundesamt für Bevölkerungsschutz BABS, 29.4.2013
- ↑ Guide pour la protection des infrastructures critiques
- ↑ Glossario sui rischi, Ufficio federale della protezione della popolazione UFPP, 29.4.2013
- ↑ Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.
- ↑ NISTIR 7298 rev 2: Glossary of Key Information Security Terms, May 2013
- ↑ Glossary CERTuy
- ↑ IETF RFC449 Internet Security Glossary 2
- ↑ ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary
- ↑ ISO/IEC 31000:2009, Risk management -- Principles and guidelines