Risk Evaluation

From BCMpedia. A Wiki Glossary for Business Continuity Management (BCM) and Disaster Recovery (DR).
1. Risk Evaluation is the process used to compare the estimated risk against the given risk criteria so as to determine the significance of the risk.

Note: Risk evaluation may be used to assist in the decision about risk treatment.

Risk Evaluation as part of the ISO31000 Risk Management Framework

Related Terms: Risk Appetite, Risk Likelihood, Risk Impact, Risk Rating, Risk Assessment, Risk Level, Period of Disruption

Analysing And Reviewing The Risks For Business Continuity Planning
BCMBoK Competency Level
BCMBoK 2: Risk Analysis & Review CL 2B: Intermediate (BC)
BCMBoK 2: Risk Analysis & Review CL 2C: Intermediate (CM)
BCMBoK 2: Risk Analysis & Review CL 2D: Intermediate (DR)


(Source: Business Continuity Management Institute - BCM Institute)

2. Process of comparing the results of risk analysis (2.21) with risk criteria (2.22) to determine whether the risk (2.1) and/or its magnitude is acceptable or tolerable

Note 1: Risk evaluation assists in the decision about risk treatment (2.25).

[ISO Guide 73:2009, definition 3.7.1]

(Source: ISO 31000:2009 – Risk Management — Principles and Guidelines) - clause 2.24

3. The process of determining the significance of risk.

(Source: ENISA - the European Network and Information Security Agency. BCM & Resilience Glossary)