Risk Evaluation

From BCMpedia. A Wiki Glossary for Business Continuity Management (BCM) and Disaster Recovery (DR).
Jump to: navigation, search
1. Risk Evaluation is the process used to compare the estimated risk against the given risk criteria so as to determine the significance of the risk.

Note: Risk evaluation may be used to assist in the decision to risk treatment.

Risk Evaluation as part of the ISO31000 Risk Management Framework

Related Terms: Risk Appetite, Risk Likelihood, Risk Impact, Risk Rating, Risk Assessment, Risk Level, Period of Disruption

Analysing And Reviewing The Risks For Business Continuity Planning
BCMBoK Competency Level
BCMBoK 2: Risk Analysis & Review CL 2B: Intermediate (BC)


BCMBoK Competency Level
BCMBoK 2: Risk Analysis & Review CL 2C: Intermediate (CM)


BCMBoK Competency Level
BCMBoK 2: Risk Analysis & Review CL 2D: Intermediate (DR)

 

 

Courses

(Source: Business Continuity Management Institute - BCM Institute)

2. Process of comparing the results of risk analysis (2.21) with risk criteria (2.22) to determine whether the risk (2.1) and/or its magnitude is acceptable or tolerable

Notes (1) : Risk evaluation assists in the decision about risk treatment (2.25).

[ISO Guide 73:2009, definition 3.7.1]

(Source: ISO 31000:2009 – Risk Management — Principles and Guidelines) - clause 2.24

3. The process of determining the significance of risk.

(Source: ENISA - the European Network and Information Security Agency. BCM & Resilience Glossary)