Difference between revisions of "Risk Identification"
Jump to navigation
Jump to search
(→ISO/IEC 27000:2014 and ISO 31000:2009) |
(→National Definitions) |
||
Line 7: | Line 7: | ||
=== National Definitions === | === National Definitions === | ||
− | + | ====Czech Republic==== | |
+ | {{definition|Process of looking for, recognizing, and describing risks (Proces hledání, rozpoznávání a popisování rizik)<ref> [http://www.govcert.cz/download/nodeid-3555/ Cyber Security Explanatory Glossary (2013)]</ref>}} | ||
+ | <br /> | ||
===Standard Definition=== | ===Standard Definition=== |
Revision as of 01:57, 24 April 2015
Contents
Definitions
European Definitions
Other International Definitions
National Definitions
Czech Republic
Process of looking for, recognizing, and describing risks (Proces hledání, rozpoznávání a popisování rizik)[1]
Standard Definition
ISO/IEC 27000:2014 and ISO 31000:2009
The standard defines risk assessment as
the "process of finding, recognizing and describing risks" [2] [3]. (based on the ISO Guide 73:2009[4]).
- Risk identification involves the identification of risk sources, events, their causes and their potential consequences.
- Risk identification can involve historical data, theoretical analysis, informed and expert opinions, and stakeholders’ needs.
See also