Risk Evaluation
Revision as of 17:41, 21 May 2014 by Mtheocharidou (talk | contribs) (Created page with "==Definitions== === Official European Definition === === Other International Definitions === === National Definitions === ===Standard Definition=== ==== ISO/IEC 27000:20...")
Contents
Definitions
Official European Definition
Other International Definitions
National Definitions
Standard Definition
ISO/IEC 27000:2014
Process of comparing the results of risk analysis with risk criteria to determine whether the riskand/or its magnitude is acceptable or tolerable [1](based on the ISO Guide 73:2009[2]).
- Risk criteria are the terms of reference against which the significance of risk is evaluated [2]). They are based on organizational objectives, and external and internal context, and can be derived from standards, laws, policies and other requirements.
- Risk evaluation assists in the decision about [Risk Treatment|risk treatment]].