Difference between revisions of "Risk Treatment"

From CIPedia
(ISO/IEC 27000:2014)
Line 12: Line 12:
 
==== [[Australia]] ====  
 
==== [[Australia]] ====  
 
{{definition| Risk treatment is the selection and implementation of appropriate options for dealing with risk.  <ref name="MAIMAus">[https://www.em.gov.au/Documents/Manual03-AEMGlossary.PDF Australian Emergency Management Glossary, Emergency Management Australia (1998)]</ref>}}  
 
{{definition| Risk treatment is the selection and implementation of appropriate options for dealing with risk.  <ref name="MAIMAus">[https://www.em.gov.au/Documents/Manual03-AEMGlossary.PDF Australian Emergency Management Glossary, Emergency Management Australia (1998)]</ref>}}  
<br />
+
<br /><br/>
 
==== [[Czech Republic]] ====
 
==== [[Czech Republic]] ====
{{definition| Zvládání rizika, ošetření rizika: proces pro modifikování (změnu) rizika. <ref>[http://www.govcert.cz/download/nodeid-561  Výkladový slovník kybernetické bezpečnosti (2013)]</ref> <br/><br/> Risk treatment is the process to modify (change) a [[risk]]. <ref>[http://www.govcert.cz/download/nodeid-561  Výkladový slovník kybernetické bezpečnosti (2013)]</ref>}}<br/>
+
{{definition| Zvládání rizika, ošetření rizika: proces pro modifikování (změnu) rizika. <ref>[http://www.govcert.cz/download/nodeid-561  Výkladový slovník kybernetické bezpečnosti (2013)]</ref> <br/><br/> Risk treatment is the process to modify (change) a [[risk]]. <ref>[http://www.govcert.cz/download/nodeid-561  Výkladový slovník kybernetické bezpečnosti (2013)]</ref>}}<br/><br/>
 
+
==== [[Netherlands]]====
 +
{{definition|[Dutch] Riscobehandeling is het proces waarbij [[Risk|risico’s]] worden weggenomen en de kans of het effect ervan wordt beperkt. <ref>[https://www.brandweer.nl/publish/pages/risico_beoordeling_16_0_bhm_2015.pdf Risicobeoordeling 16.0: Een kansrijk kader; Theorie achter het risicomanagementproces en leidraad voor risicobeoordeling, June 2015]</ref>}}<br /><br/>
 
===Standard Definition===
 
===Standard Definition===
 
==== [[ISO|ISO/IEC 27000:2014]] ====
 
==== [[ISO|ISO/IEC 27000:2014]] ====
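Review bot: The added Netherlands definition opens with "Riscobehandeling", which looks like a misspelling. The word "risico's" later in the same sentence and "Risicobeoordeling" in the cited title both use "Risico", so this should read "Risicobehandeling". The entry is also tagged [Dutch] but carries no English rendering, whereas the Czech Republic entry directly above pairs the original text with an English translation after a <br/><br/>. Adding an English sentence in the same way would keep the national definitions consistent.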
Line 47: Line 48:
  
 
[[Category:Risk]]
 
[[Category:Risk]]
{{#set:defined by=ENISA|defined by=Argentina|defined by=Australia|defined by=Czech Republic|defined by=ISO}}
+
{{#set:defined by=ENISA|defined by=Argentina|defined by=Australia|defined by=Czech Republic|defined by=Netherlands|defined by=ISO}}

Revision as of 01:47, 4 December 2016

Definitions

European Definitions

ENISA

Risk treatment is the process of selection and implementation of measures to modify risk (refers to ISO/IEC Guide 73). [1]


Other International Definitions

National Definitions

Argentina

Tratamiento de Riesgos (risk treatment): process of selecting and implementing measures to modify risk. [2]



Australia

Risk treatment is the selection and implementation of appropriate options for dealing with risk. [3]



Czech Republic

Zvládání rizika, ošetření rizika: proces pro modifikování (změnu) rizika. [4]

Risk treatment is the process to modify (change) a risk. [5]



Netherlands

Risicobehandeling (risk treatment, translated from Dutch): the process by which risks are removed and their likelihood or effect is limited. [6]



Standard Definition

ISO/IEC 27000:2014

Process to modify risk. [7] (based on ISO Guide 73:2009 [8])

Risk treatment can involve:

  • avoiding the risk by deciding not to start or continue with the activity that gives rise to the risk;
  • taking or increasing risk in order to pursue an opportunity;
  • removing the risk source;
  • changing the likelihood;
  • changing the consequences;
  • sharing the risk with another party or parties (including contracts and risk financing) (see Risk Transfer); and
  • retaining the risk by informed choice.

Risk treatments that deal with negative consequences are sometimes referred to as “Risk Mitigation”, “Risk Elimination”, “Risk Prevention” and “Risk Reduction”.

Risk treatment can create new risks or modify existing risks.

See also

Notes