Risk Evaluation
Jump to navigation
Jump to search
Contents
Definitions
European Definitions
Other International Definitions
National Definitions
Australia
Risk evaluation is the process in which judgements are made on the tolerability of the risk on the basis of risk analysis and taking into account factors such as socioeconomic and environmental aspects. [1]
Risk evaluation is the process used to prioritise risks. [1]
Process of comparing the results of risk analysis with risk criteria to determine whether the risk and/or its magnitude is acceptable or tolerable. [2]
Standard Definition
ISO/IEC 27000:2014 and ISO 31000:2009
Process of comparing the results of risk analysis with risk criteria to determine whether the risk and/or its magnitude is acceptable or tolerable [3] [4]
(based on the ISO Guide 73:2009[5])
(based on the ISO Guide 73:2009[5])
- Risk criteria are the terms of reference against which the significance of risk is evaluated [5]. They are based on organizational objectives, and external and internal context, and can be derived from standards, laws, policies and other requirements.
- Risk evaluation assists in the decision about risk treatment.
See also
Notes
- ↑ 1.0 1.1 Australian Emergency Management Glossary, Emergency Management Australia (1998)
- ↑ Australia AS NZS 5050 (2010)
- ↑ ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary
- ↑ ISO/IEC 31000:2009, Risk management -- Principles and guidelines
- ↑ 5.0 5.1 ISO Guide 73:2009 Risk management -- Vocabulary