Difference between revisions of "Risk Evaluation"
(Created page with "==Definitions== === Official European Definition === === Other International Definitions === === National Definitions === ===Standard Definition=== ==== ISO/IEC 27000:20...") |
(→ISO/IEC 27000:2014) |
||
Line 14: | Line 14: | ||
* Risk criteria are the terms of reference against which the significance of [[risk]] is evaluated <ref name="ISOGuide73">[http://www.iso.org/iso/catalogue_detail?csnumber=44651 ISO Guide 73:2009 Risk management -- Vocabulary]</ref>). They are based on organizational objectives, and external and internal context, and can be derived from standards, laws, policies and other requirements. | * Risk criteria are the terms of reference against which the significance of [[risk]] is evaluated <ref name="ISOGuide73">[http://www.iso.org/iso/catalogue_detail?csnumber=44651 ISO Guide 73:2009 Risk management -- Vocabulary]</ref>). They are based on organizational objectives, and external and internal context, and can be derived from standards, laws, policies and other requirements. | ||
− | * Risk evaluation assists in the decision about [Risk Treatment|risk treatment]]. | + | * Risk evaluation assists in the decision about [[Risk Treatment|risk treatment]]. |
==See also== | ==See also== |
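Review bot: the unchanged context line for the risk criteria bullet still has an unmatched ")" directly after the closing </ref> of the ISO Guide 73 reference ("... Vocabulary]</ref>). They are based on ..."), so the rendered bullet reads "evaluated [2])". Since this revision is already repairing markup in the same section, remove that stray parenthesis too. The link correction from "[Risk Treatment|" to "[[Risk Treatment|" on the changed line looks right.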
Revision as of 17:41, 21 May 2014
Definitions
Official European Definition
Other International Definitions
National Definitions
Standard Definition
ISO/IEC 27000:2014
Process of comparing the results of risk analysis with risk criteria to determine whether the risk and/or its magnitude is acceptable or tolerable [1] (based on the ISO Guide 73:2009 [2]).
- Risk criteria are the terms of reference against which the significance of risk is evaluated [2]. They are based on organizational objectives and on external and internal context, and can be derived from standards, laws, policies and other requirements.
- Risk evaluation assists in the decision about risk treatment.