Difference between revisions of "Risk Management"
(→New Zealand) |
|||
Line 25: | Line 25: | ||
==== Czech Republic ==== | ==== Czech Republic ==== | ||
− | {{definition|Risk management are coordinated activities to manage and control an organization in view of the risks<ref>[http://www.govcert.cz/download/nodeid-1143/ Act No. 181 of 23 July 2014 On Cyber Security and Change of Related Acts (Act on Cyber Security)]</ref>}} | + | {{definition|Risk management are coordinated activities to manage and control an organization in view of the risks. <ref>[http://www.govcert.cz/download/nodeid-1143/ Act No. 181 of 23 July 2014 On Cyber Security and Change of Related Acts (Act on Cyber Security)]</ref>}} |
Koordinované činnosti pro vedení a řízení organizace s ohledem na rizika.<br /> | Koordinované činnosti pro vedení a řízení organizace s ohledem na rizika.<br /> | ||
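Review bot: The definition on the + line still reads "Risk management are coordinated activities"; unless that wording is a verbatim quotation from the cited Act, change "are" to "is" in the same edit, since this revision already touches the sentence to add the full stop before the <ref>.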
Line 35: | Line 35: | ||
{{definition|Risk management is the process of analysing exposure to [[risk]], and determining how to manage that exposure. <ref name="CIMS">[http://www.civildefence.govt.nz/assets/Uploads/publications/CIMS-2nd-edition.pdf The New Zealand Coordinated Incident Management System, Department of the Prime Minister and Cabinet, New Zealand. (2014)]</ref>}} | {{definition|Risk management is the process of analysing exposure to [[risk]], and determining how to manage that exposure. <ref name="CIMS">[http://www.civildefence.govt.nz/assets/Uploads/publications/CIMS-2nd-edition.pdf The New Zealand Coordinated Incident Management System, Department of the Prime Minister and Cabinet, New Zealand. (2014)]</ref>}} | ||
The level of risk is arrived at by examining the likelihood and consequences of the hazard and whether the course of action is acceptable for the outcome that needs to be achieved. (Likelihood x Consequences = Risk). <br /> | The level of risk is arrived at by examining the likelihood and consequences of the hazard and whether the course of action is acceptable for the outcome that needs to be achieved. (Likelihood x Consequences = Risk). <br /> | ||
+ | |||
==== Republic of Trinidad & Tobago ==== | ==== Republic of Trinidad & Tobago ==== | ||
{{definition|The systematic approach and practice of managing uncertainty to minimize potential [[harm]] and loss. <ref>[http://www.odpm.gov.tt/sites/default/files/Comprehensive%20Disaster%20Management%20Policy%20Framework%20for%20Trinidad%20and%20Tobago.pdf Comprehensive Disaster Management Policy Framework for Trinidad and Tobago]</ref>}}<br /> | {{definition|The systematic approach and practice of managing uncertainty to minimize potential [[harm]] and loss. <ref>[http://www.odpm.gov.tt/sites/default/files/Comprehensive%20Disaster%20Management%20Policy%20Framework%20for%20Trinidad%20and%20Tobago.pdf Comprehensive Disaster Management Policy Framework for Trinidad and Tobago]</ref>}}<br /> | ||
====United Kingdom (UK)==== | ====United Kingdom (UK)==== | ||
− | {{definition|Risk Management is all activities and structures directed towards the effective assessment and management of [[Risk|risks]] and their potential adverse [[Impact|impacts]]. <ref> [https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/61046/EP_Glossary_amends_18042012_0.pdf Glossary - Revision to Emergency Preparedness, Cabinet Office (2012)]</ref>}} <br /> | + | {{definition|Risk Management is all activities and structures directed towards the effective assessment and management of [[Risk|risks]] and their potential adverse [[Impact|impacts]]. <ref>[https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/61046/EP_Glossary_amends_18042012_0.pdf Glossary - Revision to Emergency Preparedness, Cabinet Office (2012)]</ref>}} <br /> |
====United States==== | ====United States==== | ||
Line 73: | Line 74: | ||
[[Category:Risk]] | [[Category:Risk]] | ||
+ | {{#set:defined by=EU|defined by=NATO|defined by=UNISDR|defined by=Australia|defined by=Canada|defined by=Czech Republic|defined by=Germany|defined by=New Zealand|defined by=Republic of Trinidad & Tobago|defined by=United Kingdom|defined by=United States|defined by=ISO|defined by=NIST}} |
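Review bot: The "defined by" values in the added {{#set:...}} line are a hand-maintained list that duplicates the section headings, and one already differs from the heading visible in this diff (the value is "United Kingdom" while the heading is "United Kingdom (UK)"). Suggest a short wiki comment beside the #set line stating that it must be updated whenever a definition section is added, renamed or removed, so the property does not drift from the page content.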
Revision as of 21:39, 10 June 2015
Definitions
European Definitions
Other International Definitions
NATO CEP / EAPC
UNISDR
According to UNISDR, risk management comprises risk assessment and analysis, and the implementation of strategies and specific actions to control, reduce and transfer risks. It is widely practiced by organizations to minimise risk in investment decisions and to address operational risks such as those of business disruption, production failure, environmental damage, social impacts and damage from fire and natural hazards. Risk management is a core issue for sectors such as water supply, energy and agriculture whose production is directly affected by extremes of weather and climate.
National Definitions
Australia
Canada
The use of policies, practices and resources to analyse, assess and control risks to health, safety, the environment and the economy. [6] [7]
Czech Republic
Coordinated activities to direct and control an organization with regard to risks.
Germany
New Zealand
The level of risk is arrived at by examining the likelihood and consequences of the hazard and whether the course of action is acceptable for the outcome that needs to be achieved. (Likelihood x Consequences = Risk).
Republic of Trinidad & Tobago
United Kingdom (UK)
United States
DHS
NIST
Standard Definition
ISO/IEC 27000:2014 and ISO 31000:2009
These standards define risk management as
(based on the ISO Guide 73:2009[16])
Risk management process is the systematic application of management policies, procedures and practices to the activities of communicating, consulting, establishing the context and identifying, analysing, evaluating, treating, monitoring and reviewing risk. [14] (based on the ISO Guide 73:2009 [16]). ISO/IEC 27005 uses the term ‘process’ to describe risk management overall. The elements within the risk management process are termed ‘activities’.
See also
- Disaster Risk
- Risk Analysis
- Risk Assessment
- Risk Identification
- Risk Transfer
- Risk Treatment
- Risk Mitigation
Notes
1. European Commission's CBRN Glossary, 2012
2. NATO EAPC(SCEPC) lexicon.
3. 2009 UNISDR Terminology on Disaster Risk Reduction
4. Australian Emergency Management Glossary, Emergency Management Australia (1998)
5. Australia AS NZS 5050 (2010)
6. An Emergency Management Framework for Canada (Second Edition), http://www.publicsafety.gc.ca/cnt/rsrcs/pblctns/mrgnc-mngmnt-frmwrk/index-eng.aspx
7. Vocabulaire de la gestion des urgences / Emergency Management Vocabulary 281 (2012)
8. Act No. 181 of 23 July 2014 On Cyber Security and Change of Related Acts (Act on Cyber Security)
9. Protection of Critical Infrastructures – Baseline Protection Concept: Recommendation for Companies, BMI, http://www.kritis.bund.de/SharedDocs/Downloads/Kritis/EN/Baseline%20Protection%20Concept.pdf
10. The New Zealand Coordinated Incident Management System, Department of the Prime Minister and Cabinet, New Zealand. (2014)
11. Comprehensive Disaster Management Policy Framework for Trinidad and Tobago
12. Glossary - Revision to Emergency Preparedness, Cabinet Office (2012)
13. DHS Risk Lexicon 2010 Edition, September 2010
14. ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary
15. ISO/IEC 31000:2009, Risk management -- Principles and guidelines
16. ISO Guide 73:2009 Risk management -- Vocabulary