Difference between revisions of "Risk Tolerance"

From CIPedia
Jump to navigation Jump to search
(Kingdom of Saudi Arabia)
(Notes)
 
(2 intermediate revisions by the same user not shown)
Line 29: Line 29:
 
Note: the concept of risk tolerance is linked to the concept of [[Risk Perception]].
 
Note: the concept of risk tolerance is linked to the concept of [[Risk Perception]].
  
 +
=== [[Dictionary]]===
 +
{{definition|Risicobereidheid: De hoeveelheid en het soort risico dat een organisatie bereid is. <ref>[https://www.cybersecurityalliantie.nl/ecp_images/2021/12/Cybersecurity-Woordenboek-2021_ZonderSpreads.pdf Cybersecurity Woordenboek 2021]</ref>}}<br/><br/>
 +
{{#set:defined by=Dictionary}}
 
==See also==
 
==See also==
 
* [[Risk]]
 
* [[Risk]]
Line 36: Line 39:
 
* [[Risk Reduction]]
 
* [[Risk Reduction]]
 
*[[Subjective Risk]]
 
*[[Subjective Risk]]
 
  
 
==Notes==
 
==Notes==
 +
==References==
 
<references />
 
<references />
 
<!--
 
==References==
 
* Test reference. -->
 
 
[[Category:Human Aspects]]
 
[[Category:Human Aspects]]
 
[[Category:Risk]]
 
[[Category:Risk]]
 
{{#set:defined by=ITU-T|defined by=Canada|defined by=Kingdom of Saudi Arabia|defined by=Philippines|defined by=United States|defined by=NIST|defined by=ISO|defined by=US-CERT}}
 
{{#set:defined by=ITU-T|defined by=Canada|defined by=Kingdom of Saudi Arabia|defined by=Philippines|defined by=United States|defined by=NIST|defined by=ISO|defined by=US-CERT}}
 +
{{#set: Showmainpage=Yes}}

Latest revision as of 11:54, 15 August 2022

Definitions

European Definitions

Other International Definitions

ITU-T

Risk tolerance means the degree of exposure to security risk acceptable to policy makers/business owners. [1]


National Definitions

Canada

The willingness of an organization to accept or reject a given level of residual risk. [2]

Note: Risk tolerance may differ across an organization, but must be clearly understood by those making risk-related decisions.

Kingdom of Saudi Arabia

Risk tolerance: The acceptable variation relative to performance to the achievement of objectives. [3]



Philippines

Risk Tolerance:
(a) The level of risk an entity is willing to assume in order to achieve a potential desired result;
(b) The defined impacts to an enterprise‘s information systems that an entity is willing to accept. [4]



United States

NIST
The level of risk an entity is willing to assume in order to achieve a potential desired result. [5]


US-CERT
Risk Tolerance: Thresholds that reflect the organization’s level of risk aversion by providing levels of acceptable risk in each operational risk category that the organization has established. [6]


Standard Definition

ISO Guide 73:2009(en)

Organization's or stakeholder's readiness to bear the risk after risk treatment in order to achieve its objectives [7]

Academic Definitions

Risk Tolerance refers to a person’s capacity to accept a certain amount of risk. [8].

Note: the concept of risk tolerance is linked to the concept of Risk Perception.

Dictionary

Risicobereidheid: De hoeveelheid en het soort risico dat een organisatie bereid is. [9]



See also

Notes

References