| 1. Risk Acceptance is to make an informed decision to accept the likelihood and impact of a particular risk. Risk Acceptance depends on risk criteria and the risk appetite of Top Management. |
Notes (2) : Risk acceptance depends on the risk criteria.
(Source: ISO 22399:2007 – Societal Security - Guideline for Incident Preparedness and Operational Continuity Management) - clause 3.34
(Source: Singapore Standard 540 - SS 540:2008)
4. An informed decision to accept the consequences of likely events based on risk criteria.
(Source: ENISA - the European Network and Information Security Agency. BCM & Resilience Glossary)