Risk Evaluation
Contents
Definitions
Official European Definition
Other International Definitions
National Definitions
Standard Definition
ISO/IEC 27000:2014
Process of comparing the results of risk analysis with risk criteria to determine whether the riskand/or its magnitude is acceptable or tolerable [1](based on the ISO Guide 73:2009[2]).
- Risk criteria are the terms of reference against which the significance of risk is evaluated [2]). They are based on organizational objectives, and external and internal context, and can be derived from standards, laws, policies and other requirements.
- Risk evaluation assists in the decision about risk treatment.