Risk Reduction

From BCMpedia. A Wiki Glossary for Business Continuity Management (BCM) and Disaster Recovery (DR).
Jump to navigation Jump to search
1. Risk Reduction is to take appropriate actions to lessen the likelihood, negative consequences or both, associated with a risk.

Note (1):The purpose of Risk Reduction is to reduce the risk to a level which is acceptable to management; by identifying, evaluating and implementing suitable controls or countermeasures.

Note (2):Examples of a control is the deployment of more security guards (physical control) and clean desk policy (procedural control).

Related Terms: Risk Treatment, Risk Mitigation, Risk Transference.

Analysing And Reviewing The Risks For Business Continuity Planning
BCMBoK Competency Level
BCMBoK 2: Risk Analysis & Review CL 2B: Intermediate (BC)


BCMBoK Competency Level
BCMBoK 2: Risk Analysis & Review CL 2C: Intermediate (CM)


BCMBoK Competency Level
BCMBoK 2: Risk Analysis & Review CL 2D: Intermediate (DR)

 

 

Courses

(Source: Business Continuity Management Institute - BCM Institute)

2. Actions taken to lessen the probability, negative consequences, or both, associated with a risk.

(Source: ISO 22399:2007 – Societal Security - Guideline for Incident Preparedness and Operational Continuity Management) - clause 3.39

3. A selective application of appropriate techniques and management principles to reduce either probability of an occurrence or its impact, or both.

(Source: Singapore Standard 540 - SS 540:2008)

4. A selective application of appropriate techniques and management principles to reduce or mitigate either likelihood of an occurrence or its consequences, or both.

(Source: Business Continuity Institute - BCI)

5. Plans and processes that will allow an organization to avoid, preclude, or limit the impact of a crisis occurring. The tasks included in prevention should include compliance with corporate policy, mitigation strategies, and behavior and programs to support avoidance and deterrence and detection.

(Source: ASIS International - ASIS International)

6. The implementation of the preventative measures which Risk Assessment has identified.

(Source: Business Continuity Institute - BCI)

(Source: ENISA - the European Network and Information Security Agency. BCM & Resilience Glossary)