Difference between revisions of "Risk Identification"

From CIPedia
m (Text replacement - "stakeholder" to "stakeholder")
Line 21: Line 21:
 
{{definition|Process of looking for, recognizing, and describing risks (Proces hledání, rozpoznávání a popisování rizik). <ref> [http://www.govcert.cz/download/nodeid-3555/ Cyber Security Explanatory Glossary (2013)]</ref>}}
 
{{definition|Process of looking for, recognizing, and describing risks (Proces hledání, rozpoznávání a popisování rizik). <ref> [http://www.govcert.cz/download/nodeid-3555/ Cyber Security Explanatory Glossary (2013)]</ref>}}
 
<br />
 
<br />
 
+
==== [[Finland]] ====
 +
{{definition|Risk Identification is a part of [[Risk Analysis]] through which [[risk|risks]] are identified and the probability of a damaging [[event]] is preliminary estimated.<br/><br/>Riskin kartoitus / riskikartoitus: Riskianalyysin osa, jonka avulla tunnistetaan riskit ja alustavasti arvioidaan vahinkotapahtuman todennäköisyys. <ref name="finland">[Palo- ja pelastussanasto. Helsinki: Suomen Pelastusalan Keskusjärjestö ry ja Suomen Palopäällystöliitto, 2006. 350 s. (TSK 33.) ISBN 951-797-215-6; Fire and Rescue Vocabulary. Helsinki: the Finnish National Rescue Association SPEK and the Finnish Association of Fire Chiefs, 2006. 350 p. (TSK 33.) ISBN 951-797-215-6 (In Finnish.)]</ref>}}<br />
 
===Standard Definition===
 
===Standard Definition===
 
==== [[ISO|ISO/IEC 27000:2014 and ISO 31000:2009 ]]====
 
==== [[ISO|ISO/IEC 27000:2014 and ISO 31000:2009 ]]====
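Review bot: In the added Finland definition, "the probability of a damaging [[event]] is preliminary estimated" should read "is preliminarily estimated", since the adverb modifies the verb. The body of the ref named "finland" is also wrapped in single square brackets with no URL, which MediaWiki renders as literal brackets in the notes list; drop the outer brackets so the citation matches the other national entries. Finally, the edit summary describes only a "stakeholder" text replacement, while this hunk adds a new national definition, so the summary should mention the Finland entry.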
Line 45: Line 46:
  
 
[[Category:Risk]]
 
[[Category:Risk]]
{{#set:defined by=ENISA|defined by=Australia|defined by=Canada|defined by=Czech Republic|defined by=ISO}}
+
{{#set:defined by=ENISA|defined by=Australia|defined by=Canada|defined by=Czech Republic|defined by=Finland|defined by=ISO}}

Revision as of 20:26, 22 February 2016

Definitions

European Definitions

ENISA

Risk Identification is the process to find, list and characterize elements of risk (refers to ISO/IEC Guide 73). [1]


Other International Definitions

National Definitions

Australia

Risk identification is the process of determining what can happen, why and how. [2]


Process of finding, recognizing and describing risks. [3]


Canada

The process of finding, recognizing and recording risk. [4]

Processus de recherche, de reconnaissance et d’enregistrement de risques. [5]


Czech Republic

Process of looking for, recognizing, and describing risks (Proces hledání, rozpoznávání a popisování rizik). [6]


Finland

Risk Identification is a part of Risk Analysis through which risks are identified and the probability of a damaging event is preliminarily estimated.

Riskin kartoitus / riskikartoitus: Riskianalyysin osa, jonka avulla tunnistetaan riskit ja alustavasti arvioidaan vahinkotapahtuman todennäköisyys. [7]


Standard Definition

ISO/IEC 27000:2014 and ISO 31000:2009

The standard defines risk assessment as the "process of finding, recognizing and describing risks" [8] [9] (based on the ISO Guide 73:2009 [10]).

  • Risk identification involves the identification of risk sources, events, their causes and their potential consequences.
  • Risk identification can involve historical data, theoretical analysis, informed and expert opinions, and stakeholders’ needs.


Notes

  1. ENISA Risk Glossary
  2. Australian Emergency Management Glossary, Emergency Management Australia (1998)
  3. Australia AS NZS 5050 (2010)
  4. Derived from ISO 31000:2009
  5. Vocabulaire de la gestion des urgences/Emergency Management Vocabulary 281 (2012)
  6. Cyber Security Explanatory Glossary (2013)
  7. Palo- ja pelastussanasto. Helsinki: Suomen Pelastusalan Keskusjärjestö ry ja Suomen Palopäällystöliitto, 2006. 350 s. (TSK 33.) ISBN 951-797-215-6; Fire and Rescue Vocabulary. Helsinki: the Finnish National Rescue Association SPEK and the Finnish Association of Fire Chiefs, 2006. 350 p. (TSK 33.) ISBN 951-797-215-6 (In Finnish.)
  8. ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary.
  9. ISO 31000:2009, Risk management -- Principles and guidelines
  10. ISO Guide 73:2009 Risk management -- Vocabulary