Risk Tolerance
Revision as of 14:27, 24 November 2016 by Mtheocharidou
Definitions
European Definitions
Other International Definitions
ITU-T
Risk tolerance means the degree of exposure to security risk acceptable to policy makers/business owners. [1]
National Definitions
United States
NIST
The level of risk an entity is willing to assume in order to achieve a potential desired result. [2]
Standard Definition
ISO Guide 73:2009(en)
Organization's or stakeholder's readiness to bear the risk after risk treatment in order to achieve its objectives [3]
Academic Definitions
Note: the concept of risk tolerance is linked to the concept of Risk Perception.
See also
Notes
- ITU Study Group Q.22/1 Report on Best Practices for a National Approach to Cybersecurity: A Management Framework for Organizing National Cybersecurity Efforts, ITU-D Secretariat, Geneva (2008).
- NISTIR 7298 rev 2: Glossary of Key Information Security Terms, May 2013.
- ISO Guide 73:2009 Risk management -- Vocabulary.
- Campbell Institute (2014). Risk perception: Theories, strategies and next steps.