Difference between revisions of "Risk Management (glossary)"
m (Text replacement - "SEBoK v. 2.9, released 13 November 2023" to "SEBoK v. 2.9, released 20 November 2023") |
|||
(15 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
− | <blockquote> | + | <blockquote>''(1) An organized process for identifying and handling risk factors.'' (ISO/IEC/IEEE 2010)</blockquote> |
− | + | <blockquote>''(2) an organized means of identifying and measuring risk (risk assessment) and developing, selecting, and managing options (risk analysis) for resolving (risk handling) these risks.'' (ISO/IEC/IEEE 2010)</blockquote> | |
− | + | <blockquote>''(3) organized, analytic process to identify what might cause harm or loss (identify risks); to assess and quantify the identified risks; and to develop and, if needed, implement an appropriate approach to prevent or handle causes of risk that could result in significant harm or loss.'' (ISO/IEC/IEEE 2010) </blockquote> | |
− | + | <blockquote>''(4) coordinated activities to direct and control an organization with regard to risk.'' (ISO/IEC 2008) </blockquote> | |
− | |||
− | === | + | ===Sources=== |
− | ISO/IEC/IEEE. 2010. ''Systems and Software Engineering - System and Software Engineering Vocabulary (SEVocab)''. Geneva, Switzerland: International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC)/ Institute of Electrical and Electronics Engineers (IEEE). [[ISO/IEC/IEEE 24765]]:2010. | + | (1) - (3) ISO/IEC/IEEE. 2010. ''Systems and Software Engineering - System and Software Engineering Vocabulary (SEVocab)''. Geneva, Switzerland: International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC)/ Institute of Electrical and Electronics Engineers (IEEE). [[ISO/IEC/IEEE 24765]]:2010. |
− | ISO/IEC/IEEE. 2008. ''Corporate governance of information technology''. Geneva, Switzerland: International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC)/ Institute of Electrical and Electronics Engineers (IEEE). ISO/IEC/IEEE 38500:2008. | + | (4) ISO/IEC/IEEE. 2008. ''Corporate governance of information technology''. Geneva, Switzerland: International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC)/ Institute of Electrical and Electronics Engineers (IEEE). ISO/IEC/IEEE 38500:2008. |
===Discussion=== | ===Discussion=== | ||
Line 15: | Line 14: | ||
[[Category:Glossary of Terms]] | [[Category:Glossary of Terms]] | ||
− | + | <center>'''SEBoK v. 2.9, released 20 November 2023'''</center> | |
− | |||
− |
Latest revision as of 23:09, 18 November 2023
(1) An organized process for identifying and handling risk factors. (ISO/IEC/IEEE 2010)
(2) an organized means of identifying and measuring risk (risk assessment) and developing, selecting, and managing options (risk analysis) for resolving (risk handling) these risks. (ISO/IEC/IEEE 2010)
(3) organized, analytic process to identify what might cause harm or loss (identify risks); to assess and quantify the identified risks; and to develop and, if needed, implement an appropriate approach to prevent or handle causes of risk that could result in significant harm or loss. (ISO/IEC/IEEE 2010)
(4) coordinated activities to direct and control an organization with regard to risk. (ISO/IEC 2008)
Sources
(1) - (3) ISO/IEC/IEEE. 2010. Systems and Software Engineering - System and Software Engineering Vocabulary (SEVocab). Geneva, Switzerland: International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC)/ Institute of Electrical and Electronics Engineers (IEEE). ISO/IEC/IEEE 24765:2010.
(4) ISO/IEC/IEEE. 2008. Corporate governance of information technology. Geneva, Switzerland: International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC)/ Institute of Electrical and Electronics Engineers (IEEE). ISO/IEC/IEEE 38500:2008.
Discussion
None.