Difference between revisions of "Risk Reduction"

From BCMpedia. A Wiki Glossary for Business Continuity Management (BCM) and Disaster Recovery (DR).
Jump to navigation Jump to search
Line 1: Line 1:
 
{| style="margin-left: 0px; text-align: left; font-style: none; width:100%; font-weight: none; background: #F0F0F0; border:1px"
 
{| style="margin-left: 0px; text-align: left; font-style: none; width:100%; font-weight: none; background: #F0F0F0; border:1px"
 
|-
 
|-
| '''1.''' Risk Reduction is to take appropriate actions to lessen the [[Likelihood|likelihood]], negative consequences or both, associated with a [[Risk|risk]].  
+
| '''1.''' Risk Reduction is to take appropriate actions to lessen the [[Likelihood|likelihood]], negative consequences or both, associated with a [[Risk|risk]].
 +
 
 
{{Template:BL-BCM-5Banner}}
 
{{Template:BL-BCM-5Banner}}
  
'''Note (1)'':'''<i>The purpose of Risk Reduction is to [[Reduce|reduce]] the [[Risk|risk]] to a level which is acceptable to management; by identifying, evaluating and implementing suitable [[Control|controls]] or countermeasures.
+
'''Note (1)''': The purpose of Risk Reduction is to [[Reduce|reduce]] the [[Risk|risk]] to a level which is acceptable to management; by identifying, evaluating and implementing suitable [[Control|controls]] or countermeasures.
  
'''Note (2)'':'''<i>Examples of a [[Control|control]] is the deployment of more security guards (physical [[Control|control]]) and clean desk policy (procedural [[Control|control]]).
+
'''Note (2)''': Examples of a [[Control|control]] is the deployment of more security guards (physical [[Control|control]]) and clean desk policy (procedural [[Control|control]]).
  
 
'''Related Terms''': [[Risk_Treatment|Risk Treatment]], [[Risk_Mitigation|Risk Mitigation]], [[Risk_Transference|Risk Transference]].
 
'''Related Terms''': [[Risk_Treatment|Risk Treatment]], [[Risk_Mitigation|Risk Mitigation]], [[Risk_Transference|Risk Transference]].
 
[[File:3D BCM Series Analyzing and Reviewing in the context of BCM Books.jpg|thumb|left|140px|Analysing And Reviewing The Risks For Business Continuity Planning ]]
 
  
 
{{Template:BCM Course}}
 
{{Template:BCM Course}}

Revision as of 14:51, 29 October 2020

1. Risk Reduction is to take appropriate actions to lessen the likelihood, negative consequences or both, associated with a risk.

Note (1): The purpose of Risk Reduction is to reduce the risk to a level which is acceptable to management; by identifying, evaluating and implementing suitable controls or countermeasures.

Note (2): Examples of a control is the deployment of more security guards (physical control) and clean desk policy (procedural control).

Related Terms: Risk Treatment, Risk Mitigation, Risk Transference.

BCMBoK Competency Level
BCMBoK 2: Risk Analysis & Review CL 2B: Intermediate (BC)



BCMBoK Competency Level
BCMBoK 2: Risk Analysis & Review CL 2C: Intermediate (CM)



BCMBoK Competency Level
BCMBoK 2: Risk Analysis & Review CL 2CC: Intermediate (CC)

(Source: Business Continuity Management Institute - BCM Institute)

2. Actions taken to lessen the probability, negative consequences, or both, associated with a risk. (Source: ISO 22399:2007 – Societal Security - Guideline for Incident Preparedness and Operational Continuity Management) - clause 3.39

3. A selective application of appropriate techniques and management principles to reduce either probability of an occurrence or its impact, or both. (Source: Singapore Standard 540 - SS 540:2008)

4. A selective application of appropriate techniques and management principles to reduce or mitigate either likelihood of an occurrence or its consequences, or both. (Source: Business Continuity Institute - BCI)

5. Plans and processes that will allow an organization to avoid, preclude, or limit the impact of a crisis occurring. The tasks included in prevention should include compliance with corporate policy, mitigation strategies, and behavior and programs to support avoidance and deterrence and detection.

(Source: ASIS International - ASIS International)

6. The implementation of the preventative measures which Risk Assessment has identified.

(Source: Business Continuity Institute - BCI)

(Source: ENISA - the European Network and Information Security Agency. BCM & Resilience Glossary)