Difference between revisions of "Residual Risk"
Latest revision as of 15:29, 29 October 2020
1. Residual Risk is the remaining risk which cannot be defined in more detail after elimination or inclusion of all conceivable quantified risks in a risk consideration.
Notes: Residual risk is the level of uncontrolled risk remaining after the risk treatment.
Related Terms: Risk Acceptance, Risk Treatment, Risk Tolerance
2. Risk remaining after risk treatment.
(Source: ISO 22399:2007 – Societal Security - Guideline for Incident Preparedness and Operational Continuity Management) - clause 3.30
3. Risk (2.1) remaining after risk treatment (2.25)
Notes (1): Residual risk can contain unidentified risk.
Notes (2): Residual risk can also be known as “retained risk”.
[ISO Guide 73:2009, definition 3.8.1.6]
(Source: ISO 31000:2009 – Risk Management — Principles and Guidelines) - clause 2.27
4. The level of uncontrolled risk remaining after all cost-effective actions have been taken to lessen the impact and probability of a specific risk or group of risks, subject to the organization's risk appetite.
(Source: Business Continuity Institute - BCI)