Risk Evaluation

From CIPedia
Revision as of 23:34, 29 May 2015 by Eluiijf (talk | contribs) (Standard Definition)
Jump to navigation Jump to search

Definitions

European Definitions

Other International Definitions

National Definitions

Australia

Risk evaluation is the process in which judgements are made on the tolerability of the risk on the basis of risk analysis and taking into account factors such as socioeconomic and environmental aspects. [1]


Risk evaluation is the process used to prioritise risks. [1]


Process of comparing the results of risk analysis with risk criteria to determine whether the risk and/or its magnitude is acceptable or tolerable. [2]


Standard Definition

ISO/IEC 27000:2014 and ISO 31000:2009

Process of comparing the results of risk analysis with risk criteria to determine whether the risk and/or its magnitude is acceptable or tolerable [3] [4]
(based on the ISO Guide 73:2009[5])

  • Risk criteria are the terms of reference against which the significance of risk is evaluated [5]. They are based on organizational objectives, and external and internal context, and can be derived from standards, laws, policies and other requirements.
  • Risk evaluation assists in the decision about risk treatment.

See also

Notes

  1. 1.0 1.1 Australian Emergency Management Glossary, Emergency Management Australia (1998)
  2. Australia AS NZS 5050 (2010)
  3. ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary
  4. ISO/IEC 31000:2009, Risk management -- Principles and guidelines
  5. 5.0 5.1 ISO Guide 73:2009 Risk management -- Vocabulary
Retrieved from "https://websites.fraunhofer.de/CIPedia/index.php?title=Risk_Evaluation&oldid=2693"