Difference between revisions of "Risk Identification"

From CIPedia
Jump to navigation Jump to search
(ISO/IEC 27000:2014 and ISO 31000:2009)
(National Definitions)
Line 7: Line 7:
  
 
=== National Definitions ===
 
=== National Definitions ===
 
+
====Czech Republic====
 +
{{definition|Process of looking for, recognizing, and describing risks (Proces hledání, rozpoznávání a popisování rizik)<ref> [http://www.govcert.cz/download/nodeid-3555/ Cyber Security Explanatory Glossary (2013)]</ref>}}
 +
<br />
  
 
===Standard Definition===
 
===Standard Definition===

Revision as of 00:57, 24 April 2015

Definitions

European Definitions

Other International Definitions

National Definitions

Czech Republic

Process of looking for, recognizing, and describing risks (Proces hledání, rozpoznávání a popisování rizik)[1]


Standard Definition

ISO/IEC 27000:2014 and ISO 31000:2009

The standard defines risk assessment as

the "process of finding, recognizing and describing risks" [2] [3]. (based on the ISO Guide 73:2009[4]).

  • Risk identification involves the identification of risk sources, events, their causes and their potential consequences.
  • Risk identification can involve historical data, theoretical analysis, informed and expert opinions, and stakeholders’ needs.

See also


Notes