Difference between revisions of "Risk Reduction"

From BCMpedia. A Wiki Glossary for Business Continuity Management (BCM) and Disaster Recovery (DR).
Jump to navigation Jump to search
m
Line 1: Line 1:
 
 
{| style="margin-left: 0px; text-align: left; font-style: none; width:100%; font-weight: none; background: #F0F0F0; border:1px"
 
{| style="margin-left: 0px; text-align: left; font-style: none; width:100%; font-weight: none; background: #F0F0F0; border:1px"
 
|-
 
|-
 
| '''1.''' Risk Reduction is to take appropriate actions to lessen the [[Likelihood|likelihood]], negative consequences or both, associated with a [[Risk|risk]].  
 
| '''1.''' Risk Reduction is to take appropriate actions to lessen the [[Likelihood|likelihood]], negative consequences or both, associated with a [[Risk|risk]].  
{{WCC H}}
+
{{Template:BL-BCM-5Banner}}
  
'''Note (1)'':'''''<i>The purpose of Risk Reduction is to [[Reduce|reduce]] the [[Risk|risk]] to a level which is acceptable to management; by identifying, evaluating and implementing suitable [[Control|controls]] or countermeasures.</i>
+
'''Note (1)'':'''<i>The purpose of Risk Reduction is to [[Reduce|reduce]] the [[Risk|risk]] to a level which is acceptable to management; by identifying, evaluating and implementing suitable [[Control|controls]] or countermeasures.
  
'''Note (2)'':'''''<i>Examples of a [[Control|control]] is the deployment of more security guards (physical [[Control|control]]) and clean desk policy (procedural [[Control|control]]).</i>
+
'''Note (2)'':'''<i>Examples of a [[Control|control]] is the deployment of more security guards (physical [[Control|control]]) and clean desk policy (procedural [[Control|control]]).
  
Related Terms: [[Risk_Treatment|Risk Treatment]], [[Risk_Mitigation|Risk Mitigation]], [[Risk_Transference|Risk Transference]].
+
'''Related Terms''': [[Risk_Treatment|Risk Treatment]], [[Risk_Mitigation|Risk Mitigation]], [[Risk_Transference|Risk Transference]].
  
 
[[File:3D BCM Series Analyzing and Reviewing in the context of BCM Books.jpg|thumb|left|140px|Analysing And Reviewing The Risks For Business Continuity Planning ]]
 
[[File:3D BCM Series Analyzing and Reviewing in the context of BCM Books.jpg|thumb|left|140px|Analysing And Reviewing The Risks For Business Continuity Planning ]]
  
{{BcmBoK 2 CL 2B}}<br/> <br/> {{BcmBoK 2 CL 2C}}<br/> <br/> {{BcmBoK 2 CL 2D}}
+
{{Template:BCM Course}}
 
+
{{BcmBoK 2 CL 2B}}
&nbsp;
+
<br><br>
 
+
{{BcmBoK 2 CL 2C}}
&nbsp;
+
<br><br>
 
+
{{BcmBoK 2 CL 2CC}}
'''''Courses'''''
 
 
 
*[http://www.bcm-institute.org/courses/analyzing-and-reviewing-risk-col-313 Attend: Classroom: Risk Analysis Courses]
 
*[https://www.bcm-institute.org/courses/business-continuity-management-courses-2/bcm-competency-courses/competency-level-300/bcm-310-assessing-risk-and-business-impact-requirements/ Attend: Classroom: Competency-based Risk Analysis Courses]
 
*[http://www.bcm-institute.org/courses/risk-analysis-and-review Attend: E-Learning: Risk Analysis module]
 
  
 +
{{Template:BLCoursesBanner}}
 
{{Bcm Institute Source}}
 
{{Bcm Institute Source}}
 
 
|}
 
|}
 +
{{Template: BookMGISO22301}}
  
 
'''2.''' Actions taken to lessen the probability, negative consequences, or both, associated with a risk.
 
'''2.''' Actions taken to lessen the probability, negative consequences, or both, associated with a risk.
 
 
{{ISO 22399 Source}} - clause 3.39
 
{{ISO 22399 Source}} - clause 3.39
  
 
'''3.''' A selective application of appropriate techniques and management principles to [[Reduce|reduce]] either [[Probability|probability]] of an occurrence or its [[Impact|impact]], or both.
 
'''3.''' A selective application of appropriate techniques and management principles to [[Reduce|reduce]] either [[Probability|probability]] of an occurrence or its [[Impact|impact]], or both.
 +
{{TR19 Source}}
  
{{TR19 Source}}
+
{{Template:BookPSRAR}}
  
 
'''4.''' A selective application of appropriate techniques and management principles to [[Reduce|reduce]] or mitigate either [[Likelihood|likelihood]] of an occurrence or its consequences, or both.
 
'''4.''' A selective application of appropriate techniques and management principles to [[Reduce|reduce]] or mitigate either [[Likelihood|likelihood]] of an occurrence or its consequences, or both.
 
 
('''Source:''' Business Continuity Institute - BCI)
 
('''Source:''' Business Continuity Institute - BCI)
  

Revision as of 14:50, 29 October 2020

1. Risk Reduction is to take appropriate actions to lessen the likelihood, negative consequences or both, associated with a risk.

Note (1):The purpose of Risk Reduction is to reduce the risk to a level which is acceptable to management; by identifying, evaluating and implementing suitable controls or countermeasures.

Note (2):Examples of a control is the deployment of more security guards (physical control) and clean desk policy (procedural control).

Related Terms: Risk Treatment, Risk Mitigation, Risk Transference.

Analysing And Reviewing The Risks For Business Continuity Planning
BCMBoK Competency Level
BCMBoK 2: Risk Analysis & Review CL 2B: Intermediate (BC)



BCMBoK Competency Level
BCMBoK 2: Risk Analysis & Review CL 2C: Intermediate (CM)



BCMBoK Competency Level
BCMBoK 2: Risk Analysis & Review CL 2CC: Intermediate (CC)

(Source: Business Continuity Management Institute - BCM Institute)

2. Actions taken to lessen the probability, negative consequences, or both, associated with a risk. (Source: ISO 22399:2007 – Societal Security - Guideline for Incident Preparedness and Operational Continuity Management) - clause 3.39

3. A selective application of appropriate techniques and management principles to reduce either probability of an occurrence or its impact, or both. (Source: Singapore Standard 540 - SS 540:2008)

4. A selective application of appropriate techniques and management principles to reduce or mitigate either likelihood of an occurrence or its consequences, or both. (Source: Business Continuity Institute - BCI)

5. Plans and processes that will allow an organization to avoid, preclude, or limit the impact of a crisis occurring. The tasks included in prevention should include compliance with corporate policy, mitigation strategies, and behavior and programs to support avoidance and deterrence and detection.

(Source: ASIS International - ASIS International)

6. The implementation of the preventative measures which Risk Assessment has identified.

(Source: Business Continuity Institute - BCI)

(Source: ENISA - the European Network and Information Security Agency. BCM & Resilience Glossary)