AKIT
English Eesti

risk treatment

riskikäsitlus

olemus
ISO Guide 73, ISO/IEC 27000:
riski muutmise protsess,
võib ka tekitada uusi riske;
võib hõlmata
- riski vältimist
- riski leevendamist
- riski säilitamist põhjendatud valikuna
- riski suurendamist soodsa juhuse taotlemiseks
- riskiallika kõrvaldamist
- võimalikkuse muutmist
- tagajärgede muutmist
- riski jagamist teistega,
sealhulgas riski rahastamisega
=
process to modify risk (1.1)
Note. Risk treatment can involve:
— avoiding the risk by deciding not to start or continue with the activity that gives rise to the risk;
— taking or increasing risk in order to pursue an opportunity;
— removing the risk source ;
— changing the likelihood;
— changing the consequences;
— sharing the risk with another party or parties [including contracts and risk financing; and
— retaining the risk by informed decision.
Note 2. Risk treatments that deal with negative consequences are sometimes referred to as “risk mitigation”, “risk elimination”, “risk prevention” and “risk reduction”.
Note 3. Risk treatment can create new risks or modify existing risks.


ülevaateid
https://www.enisa.europa.eu/topics/threat-risk-management/risk-management/current-risk/risk-management-inventory/rm-process/risk-treatment

https://advisera.com/27001academy/knowledgebase/iso-27001-risk-assessment-treatment-6-basic-steps/

https://www.itgovernance.co.uk/blog/how-to-create-an-iso-27001-compliant-risk-treatment-plan/

https://www.ncsc.gov.uk/guidance/summary-risk-methods-and-frameworks