Difference between revisions of "Risk Identification"

From CIPedia
Jump to navigation Jump to search
m (Text replacement - "stakeholder" to "stakeholder")
Line 28: Line 28:
 
<big>
 
<big>
 
* Risk identification involves the identification of risk sources, events, their causes and their potential consequences.
 
* Risk identification involves the identification of risk sources, events, their causes and their potential consequences.
* Risk identification can involve historical data, theoretical analysis, informed and expert opinions, and stakeholders’ needs.</big>
+
* Risk identification can involve historical data, theoretical analysis, informed and expert opinions, and [[stakeholder]]s’ needs.</big>
  
 
==See also==
 
==See also==

Revision as of 10:20, 23 July 2015

Definitions

European Definitions

ENISA

Risk Identification is the process to find, list and characterize elements of risk (refers to ISO/IEC Guide 73). [1]


Other International Definitions

National Definitions

Australia

Risk identification is the process of determining what can happen, why and how. [2]


Process of finding, recognizing and describing risks. [3]


Canada

The process of finding,recognizing and recording risk. [4]

Processus de recherche, de reconnaissance et d’enregistrement de risques. [5]


Czech Republic

Process of looking for, recognizing, and describing risks (Proces hledání, rozpoznávání a popisování rizik). [6]


Standard Definition

ISO/IEC 27000:2014 and ISO 31000:2009

The standard defines risk assessment as

the "process of finding, recognizing and describing risks" [7] [8]. (based on the ISO Guide 73:2009[9])

  • Risk identification involves the identification of risk sources, events, their causes and their potential consequences.
  • Risk identification can involve historical data, theoretical analysis, informed and expert opinions, and stakeholders’ needs.

See also


Notes