Difference between revisions of "Risk Assessment"
(→Netherlands) |
(→Poland) |
||
Line 128: | Line 128: | ||
{{definition|Risk Assessment:<br/>(a) The process of identifying risks to organizational operations including mission, functions, image, or reputation), organizational assets, individuals, other organizations, and the Nation, arising through the operation of an information system; <br/>(b) Part of risk management, incorporates threat and vulnerability analyses and considers mitigations provided by security controls planned or in place. <ref>[http://www.dnd.gov.ph/miss/PDF/downloadables/Cybersecurity%20Glossary%20(Edited).pdf DND GLOSSARY OF CYBER SECURITY TERMS (v.4)]</ref>}}<br/><br/> | {{definition|Risk Assessment:<br/>(a) The process of identifying risks to organizational operations including mission, functions, image, or reputation), organizational assets, individuals, other organizations, and the Nation, arising through the operation of an information system; <br/>(b) Part of risk management, incorporates threat and vulnerability analyses and considers mitigations provided by security controls planned or in place. <ref>[http://www.dnd.gov.ph/miss/PDF/downloadables/Cybersecurity%20Glossary%20(Edited).pdf DND GLOSSARY OF CYBER SECURITY TERMS (v.4)]</ref>}}<br/><br/> | ||
==== [[Poland]] ==== | ==== [[Poland]] ==== | ||
+ | {{definition|Szacowanie ryzyka – całościowy proces identyfikacji, analizy i oceny [[Risk|ryzyka]]. <ref name=Poland>[http://bip.kprm.gov.pl/download/75/30991/RM-10-64-18.pdf U S TAWA z dnia o krajowym systemie cyberbezpieczeństwa / Polish (draft) law on the national cybersecurity system (2018)]</ref>}}<br /> | ||
+ | |||
{{definition|Risk assessment means the total [[Risk Analysis|risk analysis]], which consists of: risk identification and determination of extent of risks, as well as the risk assessment process. <ref>[http://www.enisa.europa.eu/activities/Resilience-and-CIIP/national-cyber-security-strategies-ncsss/copy_of_PO_NCSS.pdf CYBERSPACE PROTECTION POLICY OF THE REPUBLIC OF POLAND, 2013]</ref>}}<br/> | {{definition|Risk assessment means the total [[Risk Analysis|risk analysis]], which consists of: risk identification and determination of extent of risks, as well as the risk assessment process. <ref>[http://www.enisa.europa.eu/activities/Resilience-and-CIIP/national-cyber-security-strategies-ncsss/copy_of_PO_NCSS.pdf CYBERSPACE PROTECTION POLICY OF THE REPUBLIC OF POLAND, 2013]</ref>}}<br/> | ||
{{definition|Ocena ryzyka: oznacza całościowy, przekrojowy proces identyfikacji ryzyka, analizy ryzyka i szacowanie ryzyka podejmowany na szczeblu krajowym lub odpowiednim niższym szczeblu. <ref>[http://eur-lex.europa.eu/legal-content/PL/TXT/HTML/?uri=CELEX:32013D1313&from=EN DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism - PL]</ref>}}<br/><br/> | {{definition|Ocena ryzyka: oznacza całościowy, przekrojowy proces identyfikacji ryzyka, analizy ryzyka i szacowanie ryzyka podejmowany na szczeblu krajowym lub odpowiednim niższym szczeblu. <ref>[http://eur-lex.europa.eu/legal-content/PL/TXT/HTML/?uri=CELEX:32013D1313&from=EN DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism - PL]</ref>}}<br/><br/> | ||
+ | |||
==== [[Portugal]] ==== | ==== [[Portugal]] ==== | ||
{{definition|Avaliação de riscos: o processo global e transetorial de identificação, análise e avaliação de riscos realizado a nível nacional ou ao nível subnacional adequado. <ref>[http://eur-lex.europa.eu/legal-content/PT/TXT/HTML/?uri=CELEX:32013D1313&from=EN DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism - PT]</ref>}}<br/> | {{definition|Avaliação de riscos: o processo global e transetorial de identificação, análise e avaliação de riscos realizado a nível nacional ou ao nível subnacional adequado. <ref>[http://eur-lex.europa.eu/legal-content/PT/TXT/HTML/?uri=CELEX:32013D1313&from=EN DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism - PT]</ref>}}<br/> |
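Review bot: In the added Poland definition, the reference title reads "U S TAWA z dnia o krajowym systemie cyberbezpieczeństwa", with the word "USTAWA" split by stray spaces and nothing after "z dnia"; correct the spelling and mark the missing date explicitly, since the title already says the text is a 2018 draft. The new reference is also declared as `<ref name=Poland>` without quotes around the name, and the change adds an empty line before the Portugal heading although the preceding definition already ends in `<br/><br/>`, so check the rendered spacing and drop the extra line if it is not needed.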
Revision as of 00:26, 3 May 2018
Definitions
European Definitions
Council of Europe
The determination and presentation (usually in quantitative form) of the potential hazards, and the likelihood and the extent of harm that may result from these hazards.
EU
CBRN Glossary
Overall process of:
* hazard identification (identification of a risk source capable of causing adverse effects to humans or the environment),
* hazard characterization (quantitative evaluation of the nature of the adverse health effects associated with the hazard),
* exposure assessment (evaluation of the likely exposure of man and/or the environment to risk sources), and
* risk characterisation (estimation, including attendant uncertainties, of the probability of occurrence and severity of known or potential adverse health effects in a given population). [2]
1313/2013/EC
Risk assessment means the overall cross-sectoral process of risk identification, risk analysis, and risk evaluation undertaken at national or appropriate sub-national level. [3]
ENISA
Risk Assessment is a scientific and technologically based process consisting of three steps, risk identification, risk analysis and risk evaluation. [4]
European Project Definitions
CIPRNet project
The CIPRNet project [5] uses the following definition:
Other International Definitions
CARICOM
Risk assessment is a methodology to determine the nature and extent of risk by analysing potential hazards and evaluating existing conditions of vulnerability that together could potentially harm exposed people, property, services, livelihoods and the environment on which they depend. [6]
IAEA
Risk assessment is
(1) the overall process of systematically identifying, estimating, analysing and evaluating risk for the purpose of informing priorities, developing or comparing courses of action, and informing decision making.
(2) the overall process of systematically identifying, estimating, analysing and evaluating risk. [7]
NATO CEP / EAPC
A process of evaluating threats to the vulnerabilities of an asset to give an expert opinion on the probability of loss or damage and its impact, as a guide to taking action. [8]
UNISDR
A methodology to determine the nature and extent of risk by analysing potential hazards and evaluating existing conditions of vulnerability that together could potentially harm exposed people, property, services, livelihoods and the environment on which they depend. [9]
According to UNISDR, risk assessments (and associated risk mapping) include:
- a review of the technical characteristics of hazards such as their location, intensity, frequency and probability;
- the analysis of exposure and vulnerability including the physical social, health, economic and environmental dimensions;
- and the evaluation of the effectiveness of prevailing and alternative coping capacities in respect to likely risk scenarios.
This series of activities is sometimes known as a risk analysis process.
Évaluation des risques (risk assessment): A methodology to determine the nature and extent of risks through an analysis of potential risks and the evaluation of existing conditions of vulnerability which, combined, could affect populations, settlements, services and livelihoods. [10]
Оценка риска (risk assessment): A methodology to determine the nature and extent of risk by analysing potential threats and evaluating existing conditions of vulnerability that could potentially harm exposed people, property, livelihoods and the environment on which they depend. [11]
Evaluación del riesgo (risk assessment): A methodology to determine the nature and degree of risk through the analysis of possible hazards and the evaluation of existing conditions of vulnerability that together could potentially harm exposed people, property, services and livelihoods, as well as the environment on which they depend. [12]
تقييم المخاطر (risk assessment): A methodology to determine the nature and level of risk by analysing potential hazards and evaluating existing conditions of vulnerability that together could cause harm to people, property, services, livelihoods and the environment on which they depend. [13]
Pengkajian risiko (risk assessment): A methodology to determine the nature and extent of risk by analysing potential hazards and evaluating existing conditions of vulnerability that together could potentially harm exposed people as well as the property, services, livelihoods and environment on which they depend. [14]
Pagtatasa sa Peligro (risk assessment): A method to determine the nature and extent of risk by analysing potential hazards and studying existing conditions of vulnerability that together could severely harm exposed people, property, services, livelihoods and the environment on which they depend. [15]
National Definitions
Argentina
Evaluación de Riesgos (risk assessment): Risk assessment is understood as the evaluation of the threats and vulnerabilities relating to information and to the facilities that process it, the probability that they occur, and their potential impact on the operations of the agency. [16]
Australia
Austria
Risikobewertung (risk assessment): the overall cross-sectoral process of risk identification, risk analysis and risk evaluation at national or appropriate sub-national level. [18]
Belgium
Risicobeoordeling (risk assessment): the overall cross-sectoral process of identifying, analysing and evaluating risks at national or an appropriate sub-national level. [19]
Évaluation des risques (risk assessment): the set of cross-sectoral processes of risk identification, analysis and evaluation carried out at national level or at the appropriate sub-national level. [20]
Bosnia and Herzegovina
Ocjena Rizika (risk assessment): A methodology that determines which [risks] may arise, the probability of their occurrence and the consequences they may cause, and that identifies strategies for eliminating or reducing risks. [21]
Procjena rizika (risk assessment) is the overall process of risk identification, risk analysis and risk evaluation. (ISO 31010) [22]
Procjene opasnosti (hazard assessments) determine the probability of occurrence of a given hazard of a given intensity. [23]
Bulgaria
Oценка на риска (risk assessment) means the overall cross-sectoral process of identifying, analysing and evaluating risks, undertaken at national or appropriate sub-national level. [24]
Canada
The overall process of risk identification, risk analysis and risk evaluation. [25]
(French version) The overall process of risk identification, risk analysis and risk examination. [26]
Cape Verde
Avaliação de riscos (risk assessment): A methodology to determine the nature and extent of risk by analysing potential risks and evaluating existing conditions of vulnerability that together could potentially harm exposed people, property and services, livelihoods and the environment on which they depend. [27]
Colombia
Evaluación del riesgo (risk evaluation): The process of comparing the estimated risk against given risk criteria to determine the significance of the risk. [28]
Croatia
Procjena rizika (risk assessment): means the overall cross-sectoral process of risk identification, analysis and evaluation carried out at national or appropriate sub-national level. [29]
Cyprus
εκτίμηση κινδύνων (risk assessment): the overall cross-sectoral process of risk identification, analysis and evaluation carried out at national or appropriate sub-national level. [30]
Czech Republic
Posuzování rizika (risk assessment): The overall process of risk identification, risk analysis and risk evaluation. [31]
Risk assessment is the overall process of risk identification, risk analysis and risk assessment. [32]
Posouzením rizik (risk assessment): the overall cross-sectoral process of risk identification, risk analysis and risk evaluation carried out at national or appropriate lower level. [33]
Denmark
Risikovurdering (risk assessment): the overall cross-sectoral process in which risks are identified, analysed and evaluated at national or a relevant sub-national level. [34]
Estonia
Riskihindamine (risk assessment): the overall cross-sectoral process of risk identification, analysis and evaluation for assessment at national or appropriate regional level. [35]
Finland
Riskinarvioinnilla (risk assessment): means the comprehensive cross-sectoral process in which risks are identified, analysed and evaluated at national or appropriate local level. [36]
France
Évaluation des risques (risk assessment): the set of cross-sectoral processes of risk identification, analysis and evaluation carried out at national level or at the appropriate sub-national level. [37]
Germany
Risikobewertung (risk assessment): the overall cross-sectoral process of risk identification, risk analysis and risk evaluation at national or appropriate sub-national level. [38]
Risikoabschätzung (risk estimation) is a procedure for estimating risk. [40]
Greece
εκτίμηση κινδύνων (risk assessment): the overall cross-sectoral process of risk identification, analysis and evaluation carried out at national or appropriate sub-national level. [41]
Hungary
Kockázatértékelés (risk assessment): the comprehensive, cross-sectoral process of risk identification, risk analysis and risk evaluation carried out at national or appropriate sub-national level. [42]
India
Risk assessment is an analysis of system assets and vulnerabilities to establish an expected loss from certain events based on estimated probabilities of the occurrence of those events. [43]
Ireland
Risk assessment is a systematic process of identifying and evaluating, either qualitatively or quantitatively, the risk resulting from specific hazards. [44]
Risk assessment means the overall cross-sectoral process of risk identification, risk analysis, and risk evaluation undertaken at national or appropriate sub-national level. [45]
Italy
Valutazione del rischio (risk assessment): the entire cross-sectoral process of identifying, analysing and estimating risks at national level or at the appropriate sub-national level. [46]
Japan
リスク評価 (risk assessment), (Cyber): A process that systematically identifies valuable system resources and threats to those resources, quantifies loss exposures (i.e., loss potential) based on estimated frequencies and costs of occurrence, and (optionally) recommends how to allocate resources to countermeasures so as to minimize total exposure. [47]
Kiribati
Aanga n tutuo: Taian kawai ake a n kona ni moantaai ni kaota te kanganga imwain rikina n aron makenakin taabo ae e na kona n roko iai te iabuti man taari, aio n ikotaki ma aomata ao tabo n aron te kaawa, auti, maneaba , autin te tautaeka, nnen taian ran ao ran mai iaan tare, aroka ma kaai. [48]
Risk assessment: The technical steps to determine the amount of climate change risk.
Latvia
Riska novērtējums (risk assessment): the overall, cross-sectoral process of risk identification, risk analysis and risk evaluation carried out at national or relevant local level. [49]
Lithuania
Ankstyvasis perspėjimas (early warning): the timely and effective provision of information that allows action to be taken to avoid a disaster or reduce its risk and to avoid or mitigate its adverse consequences, and to facilitate the preparedness needed for an effective response. [50]
Luxembourg
Évaluation des risques (risk assessment): the set of cross-sectoral processes of risk identification, analysis and evaluation carried out at national level or at the appropriate sub-national level. [51]
Malta
Valutazzjoni tar-riskju (risk assessment): means the overall cross-sectoral process of risk identification, risk analysis and risk evaluation carried out at national level or at an appropriate sub-national level. [52]
Mexico
Evaluación de riesgo (risk assessment): The process of estimating the probability that an event will occur and the probable magnitude of its adverse effects (on safety, health, ecology or finances) over a specific period. [53]
Netherlands
Risicobeoordeling (risk assessment): the overall cross-sectoral process of identifying, analysing and evaluating risks at national or an appropriate sub-national level. [54]
[Dutch] Risicobeoordeling (risk assessment): a scientifically based process consisting of four steps, namely hazard identification, hazard characterisation, exposure assessment and risk characterisation. [56]
[HEALTH sector]
Risico-inschatting (risk assessment): The scientific evaluation of known or potential adverse health effects resulting from human exposure to hazards. The process consists of the following steps: (1) hazard identification, (2) hazard characterization, (3) exposure assessment, and (4) risk characterization. The definition includes quantitative risk assessment, which emphasizes reliance on numerical expressions of risk, and also qualitative expressions of risk, as well as an indication of the attendant uncertainties. [57]
Norway
The risk analyses in the National Risk Assessment (NRA; NRB in Norwegian) consist of: (1) Selection of adverse events for the development of scenarios, (2) Assessment of the likelihood that the scenario will occur, (3) Survey of vulnerability in the systems that are affected, (4) The consequences the event may have, (5) Assessment of uncertainty. [58] [59]
Oman
A Risk Assessment is the process by which risks are identified and the impact of those risks determined. [60]
Philippines
Risk Assessment:
(a) The process of identifying risks to organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, and the Nation, arising through the operation of an information system;
(b) Part of risk management, incorporates threat and vulnerability analyses and considers mitigations provided by security controls planned or in place. [61]
Poland
Risk assessment means the total risk analysis, which consists of: risk identification and determination of extent of risks, as well as the risk assessment process. [63]
Ocena ryzyka (risk assessment): means the overall cross-sectoral process of risk identification, risk analysis and risk evaluation undertaken at national or appropriate lower level. [64]
Portugal
Avaliação de riscos (risk assessment): the overall cross-sectoral process of risk identification, analysis and evaluation carried out at national level or at the appropriate sub-national level. [65]
[Definition] Avaliação do Risco (risk assessment): Identification of threats and vulnerabilities and performance of the related risk analysis, that is, the analysis of probability and impact. [66]
Republic of Trinidad & Tobago
A methodology to determine the nature and extent of risk by analysing potential hazards and evaluating existing conditions of vulnerability that together could potentially harm exposed people, property, services, livelihoods and the environment on which they depend. [67]
Romania
Evaluarea riscurilor (risk assessment): means the overall cross-sectoral process of risk identification, analysis and evaluation carried out at national level or at an appropriate sub-national level. [68]
Slovakia
Posúdenie rizík (risk assessment): means the overall cross-sectoral process of risk identification, risk analysis and risk evaluation carried out at national level or at an appropriate level below the national level. [69]
Slovenia
"Ocena tveganja" (risk assessment) means the entire cross-sectoral process of risk identification, analysis and evaluation at national or appropriate sub-national level. [70]
Spain
Valuación de riesgos (risk assessment): the overall cross-sectoral process of risk identification, analysis and evaluation carried out at national level or at the corresponding sub-national level. [71]
Sweden
Riskbedömning (risk assessment): the overall cross-sectoral process for identifying, analysing and evaluating risks that is carried out at national or appropriate sub-national level. [72]
Switzerland
Risikobeurteilung (risk assessment) comprises the process of risk analysis and risk evaluation. [73]
L’évaluation des risques (risk assessment) encompasses the process of risk analysis and risk appraisal. [74]
La valutazione dei rischi (risk assessment) comprises the process of risk analysis and risk weighting. [75]
United Kingdom (UK)
Risk Assessment is a structured and auditable process of identifying potentially significant events, assessing their likelihood and impacts, and then combining these to provide an overall assessment of risk, as a basis for further decisions and action. [76]
Risk Assessment is an analysis of risks and their impacts to provide information for decision making. [77]
Often, risk assessment will consider a particular impacted [party], like a building or population. The process usually includes identifying hazards which could have an impact; and assessing the likelihoods and severities of impacts.
Risk assessment means the overall cross-sectoral process of risk identification, risk analysis, and risk evaluation undertaken at national or appropriate sub-national level. [78]
United Arab Emirates
Risk Assessment: The process of assessing security-related risks from internal and external threats to an entity, its assets, or personnel. [79]
United States
DHS
Risk Assessment is a product or process which collects information and assigns values to risks for the purpose of informing priorities, developing or comparing courses of action, and informing decision making. [80]
NFPA-1600
Process of hazard identification, probability analysis, vulnerability analysis, and impacts analysis. [81]
NIST
The process of identifying risks to organizational operations (including mission, functions, image, reputation), organizational assets, individuals, other organizations, and the Nation, resulting from the operation of an information system. [82]
Standard Definition
ISO/IEC 27000:2014, ISO 31000:2009 and ISO 22301:2012
The standard defines risk assessment as
Risk Assessment is the "overall process of risk identification, risk analysis and risk evaluation." [83] [84] [85] (based on the ISO Guide 73:2009 [86])
Other Definitions
Ontario (Canada)
Risk assessment is a methodology to determine the nature and extent of risk by analyzing potential hazards and the evaluation of vulnerabilities and consequences. [87]
Évaluation des risques (risk assessment): a methodology aimed at determining the nature and extent of risks through the analysis of potential risks and the evaluation of vulnerabilities and consequences. [87]
World Economic Forum
The process which an organization is engaged in to analyse, evaluate and understand the spectrum of risks, their potential likelihood and their severity in order to enable it to act to mitigate unacceptable risk to the organization. [88]
See also
Notes
- ↑ GLOSSAIRE MULTILINGUE DE LA GESTION DU RISQUE pour usagers francophones (2007)/European Centre of Technological Safety (TESEC) - TESEC-EUR-OPA 2001)
- ↑ European Commission's CBRN Glossary, 2012
- ↑ DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism - EN
- ↑ ENISA Risk Glossary
- ↑ http://www.ciprnet.eu/
- ↑ Caribbean Disaster Emergency Management Agency (CDEMA) Regional Comprehensive Disaster Management Strategy and Results Framework 2014-2024
- ↑ IAEA - Nuclear Security Series Glossary Version 1.3 (November 2015)
- ↑ NATO EAPC(SCEPC) lexicon 2003.
- ↑ 2009 UNISDR Terminology on Disaster Risk Reduction
- ↑ UNISDR glossary
- ↑ UNISDR glossary
- ↑ UNISDR glossary
- ↑ UNISDR glossary
- ↑ UNISDR glossary in Bahasa
- ↑ UNISDR glossary in Tagalog
- ↑ Oficina Nacional de Tecnologías de Información ADMINISTRACION PUBLICA NACIONAL Disposición 3/2013 - Apruébase la “Política de Seguridad de la Información Modelo” (2013)
- ↑ Australia AS NZS 5050 (2010)
- ↑ DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism - DE
- ↑ DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism - NL
- ↑ DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism - FR
- ↑ GLOSAR POJMOVA
- ↑ RADNA VERZIJA OSOBLJA KOMISIJE: Procjena rizika i mapiranje smernice za upravljanje katastrofama
- ↑ RADNA VERZIJA OSOBLJA KOMISIJE: Procjena rizika i mapiranje smernice za upravljanje katastrofama
- ↑ DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism - BG
- ↑ Derived from ISO 31000:2009
- ↑ Vocabulaire de la gestion des urgencies/Emergency Management Emergency Management Vocabulary 281 (2012)
- ↑ Avaliação das Necessidades Pós- Desastre (PDNA) ERUPÇÃO VULCÂNICA NO FOGO 2014-2015, Cape Verde
- ↑ Glosario MINTIC – ICT Ministry of Colombia; source: NTC-ISO /IEC 27001
- ↑ DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism - HR
- ↑ DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism – EL
- ↑ Act No. 181 of 23 July 2014 On Cyber Security and Change of Related Acts (Act on Cyber Security)
- ↑ Výkladový slovník kybernetické bezpečnosti (2013)
- ↑ DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism - CS
- ↑ DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism - DA
- ↑ DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism - ET
- ↑ DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism - FI
- ↑ DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism - FR
- ↑ DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism - DE
- ↑ Glossar BBK
- ↑ Glossar, Das Bundesamt für Bevölkerungsschutz und Katastrophenhilfe (BBK)
- ↑ DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism – EL
- ↑ DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism - HU
- ↑ India's DGQA Cyber Security Policy (2015)
- ↑ A FRAMEWORK FOR MAJOR EMERGENCY MANAGEMENT (APPENDICES)
- ↑ DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism
- ↑ DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism - IT
- ↑ RFC2828 (Japanese translation)
- ↑ Kiribati BI-LINGUAL GLOSSARY OF CLIMATE CHANGE TERMS, Original translations by Dr Temakei Tebano & Etita Teiabauri, 2008
- ↑ DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism - LV
- ↑ DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism - LT
- ↑ DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism - FR
- ↑ DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism - MT
- ↑ GUÍA PARA LA PRESENTACIÓN DEL ESTUDIO DE RIESGO MODALIDAD ANALISIS DE RIESGO, Mexico
- ↑ DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism - NL
- ↑ Risicobeoordeling 16.0: Een kansrijk kader; Theorie achter het risicomanagementproces en leidraad voor risicobeoordeling, June 2015
- ↑ Wet onafhankelijke risicobeoordeling Nederlandse Voedsel- en Warenautoriteit
- ↑ Patiëntveiligheid Definitielijst (2005)
- ↑ DSB, National Risikobild 2014
- ↑ DSB, National Risk Analysis 2014
- ↑ Oman CERT Glossary
- ↑ DND GLOSSARY OF CYBER SECURITY TERMS (v.4)
- ↑ USTAWA z dnia o krajowym systemie cyberbezpieczeństwa / Polish (draft) law on the national cybersecurity system (2018)
- ↑ CYBERSPACE PROTECTION POLICY OF THE REPUBLIC OF POLAND, 2013
- ↑ DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism - PL
- ↑ DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism - PT
- ↑ Glossário Centro Nacional de Cibersegurança Portugal
- ↑ Comprehensive Disaster Management Policy Framework for Trinidad and Tobago
- ↑ DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism - RO
- ↑ DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism - SK
- ↑ DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism - SL
- ↑ DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism - ES
- ↑ DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism - SV
- ↑ Glossar der Risikobegriffe, Bundesamt für Bevölkerungsschutz BABS, 29.4.2013
- ↑ Glossaire des risques, Office fédéral de la protection de la population, 29.4.2013
- ↑ Glossario sui rischi, Ufficio federale della protezione della popolazione UFPP, 29.4.2013
- ↑ Glossary - Revision to Emergency Preparedness, Cabinet Office (2012)
- ↑ The National Adaptation Programme: Making the country resilient to a changing climate, UK Government (2013)
- ↑ DECISION No 1313/2013/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 17 December 2013 on a Union Civil Protection Mechanism
- ↑ Abu Dhabi Safety and Security Planning Manual
- ↑ DHS Risk Lexicon 2010 Edition, September 2010
- ↑ NFPA-1600
- ↑ NIST Special Publication 800-53 Rev 4: Security and Privacy Controls for Federal Information Systems and Organizations (April 2013)
- ↑ ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary
- ↑ ISO/IEC 31000:2009, Risk management -- Principles and guidelines
- ↑ ISO 22301:2012 Societal security -- Business continuity management systems -- Requirements
- ↑ ISO Guide 73:2009 Risk management -- Vocabulary
- ↑ Province of Ontario’s Emergency Management Glossary of Terms
- ↑ WEF Partnering for Cyber Resilience Guidelines (2012)