Risk Management (glossary)

From SEBoK
Jump to navigation Jump to search

(1) An organized process for identifying and handling risk factors. (ISO/IEC/IEEE 2010)

(2) an organized means of identifying and measuring risk (risk assessment) and developing, selecting, and managing options (risk analysis) for resolving (risk handling) these risks. (ISO/IEC/IEEE 2010)

(3) organized, analytic process to identify what might cause harm or loss (identify risks); to assess and quantify the identified risks; and to develop and, if needed, implement an appropriate approach to prevent or handle causes of risk that could result in significant harm or loss. (ISO/IEC/IEEE 2010)

(4) coordinated activities to direct and control an organization with regard to risk. (ISO/IEC 2008)

Sources

(1) - (3) ISO/IEC/IEEE. 2010. Systems and Software Engineering - System and Software Engineering Vocabulary (SEVocab). Geneva, Switzerland: International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC)/ Institute of Electrical and Electronics Engineers (IEEE). ISO/IEC/IEEE 24765:2010.

(4) ISO/IEC/IEEE. 2008. Corporate governance of information technology. Geneva, Switzerland: International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC)/ Institute of Electrical and Electronics Engineers (IEEE). ISO/IEC/IEEE 38500:2008.

Discussion

None.

SEBoK v. 2.10, released 06 May 2024