Risk Assessment
Jump to navigation
Jump to search
Contents
Definitions
European Definitions
Overall process of:
* hazard identification (identification of a risk source capable of causing adverse effects to humans or the environment),
* hazard characterization (quantitative evaluation of the nature of the adverse health effects associated with the hazard),
* exposure assessment (evaluation of the likely exposure of man and/or the environment to risk sources), and
* risk characterisation (estimation, including attendant uncertainties, of the probability of occurrence and severity of known or potential adverse health effects in a given population). [1]
* hazard identification (identification of a risk source capable of causing adverse effects to humans or the environment),
* hazard characterization (quantitative evaluation of the nature of the adverse health effects associated with the hazard),
* exposure assessment (evaluation of the likely exposure of man and/or the environment to risk sources), and
* risk characterisation (estimation, including attendant uncertainties, of the probability of occurrence and severity of known or potential adverse health effects in a given population). [1]
Other International Definitions
NATO CEP / EAPC
A process of evaluating threats to the vulnerabilities of an asset to give an expert opinion on the probability of loss or damage and its impact, as a guide to taking action. [2]
UNISDR
A methodology to determine the nature and extent of risk by analysing potential hazards and evaluating existing conditions of vulnerability that together could potentially harm exposed people, property, services, livelihoods and the environment on which they depend. [3]
According to UNISDR, risk assessments (and associated risk mapping) include:
- a review of the technical characteristics of hazards such as their location,intensity, frequency and probability;
- the analysis of exposure and vulnerability including the physical social, health, economic and environmental dimensions;
- and the evaluation of the effectiveness of prevailing and alternative coping capacities in respect to likely risk scenarios.
This series of activities is sometimes known as a risk analysis process.
World Economic Forum
The process which an organization is engaged in to analyse, evaluate and understand the spectrum of risks, their potential likelihood and their severity in order to enable it to act to mitigate unacceptable risk to the organization. [4]
National Definitions
Australia
Czech Republic
Overall process of risk identification, risk analysis and risk assessment. [6]
Celkový proces identifikace rizik, analýzy rizik a hodnocení rizik.
Poland
Risk assessment means the total risk analysis, which consists of: risk identification and determination of extent of risks, as well as the risk assessment process. [7]
United Kingdom (UK)
Risk Assessment is a structured and auditable process of identifying potentially significant events, assessing their likelihood and impacts, and then combining these to provide an overall assessment of risk, as a basis for further decisions and action. [8]
United States
DHS
Risk Assessment is a product or process which collects information and assigns values to risks for the purpose of informing priorities, developing or comparing courses of action, and informing decision making. [9]
NFPA-1600
Process of hazard identification, probability analysis, vulnerability analysis, and impacts analysis. [10]
Other Definitions
Ontario (Canada)
Risk assessment is a methodology to determine the nature and extent of risk by analyzing potential hazards and the evaluation of vulnerabilities and consequences. [11]
Évaluation des risques: méthodologie visant à déterminer la nature et l’étendue des risques au moyen de l’analyse des risques potentiels et de l’évaluation des vulnérabilités et des conséquences. [11]
Standard Definition
ISO/IEC 27000:2014 and ISO 31000:2009
The standard defines risk assessment as
the "overall process of risk identification, risk analysis and risk evaluation. [12] [13] (based on the ISO Guide 73:2009 [14])
See also
Notes
- ↑ European Commission's CBRN Glossary, 2012
- ↑ NATO EAPC(SCEPC) lexicon 2003.
- ↑ 2009 UNISDR Terminology on Disaster Risk Reduction
- ↑ WEF Partnering for Cyber Resilience Guidelines 2012
- ↑ Australia AS NZS 5050 (2010)
- ↑ Act No. 181 of 23 July 2014 On Cyber Security and Change of Related Acts (Act on Cyber Security)
- ↑ CYBERSPACE PROTECTION POLICY OF THE REPUBLIC OF POLAND, 2013
- ↑ Glossary - Revision to Emergency Preparedness, Cabinet Office (2012)
- ↑ DHS Risk Lexicon 2010 Edition, September 2010
- ↑ NFPA-1600
- ↑ 11.0 11.1 Province of Ontario’s Emergency Management Glossary of Terms
- ↑ ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary
- ↑ ISO/IEC 31000:2009, Risk management -- Principles and guidelines
- ↑ ISO Guide 73:2009 Risk management -- Vocabulary
