See: Risk
Risk remaining after risk treatment.
NOTE 1 Residual risk can contain unidentified risks.
NOTE 2 Residual risk can also be known as "retained risk".
[UNE-ISO GUÍA 73:2010]
[UNE-ISO/IEC 27000:2014]
Remaining risks that exist after the security measures have been taken.
[UNE-71504:2008]
Risk remaining after risk treatment.
NOTE 1. Residual risk can contain unidentified risks.
NOTE 2. Residual risk can also be known as "retained risk".
[UNE Guía 73:2010]
risk remaining after risk treatment
NOTE 1: Residual risk can contain unidentified risk.
NOTE 2: Residual risk can also be known as “retained risk”.
[ISO Guide 73:2009] [ISO-27000:2014]
Portion of risk remaining after security measures have been applied. [CNSSI_4009:2010]
risk remaining after risk treatment
NOTE 1. Residual risk can contain unidentified risk.
NOTE 2. Residual risk can also be known as “retained risk”.
[ISO Guide 73:2009]
The remaining risk after management has implemented risk response. [RiskIT-PG:2009]
A metric capable of showing that the enterprise is subject to, or has a high probability of being subject to, a risk that exceeds the defined risk tolerance. [RiskIT-PG:2009]
risk that remains after risk management measures have been implemented
DHS Risk Lexicon, September 2008
(I) The portion of an original risk or set of risks that remains after countermeasures have been applied. (Compare: acceptable risk, risk analysis.) [RFC4949:2007]
The potential for the occurrence of an adverse event after adjusting for the impact of all in-place safeguards. [TDIR:2003]
The remaining, potential risk after all IT security measures are applied. There is a residual risk associated with each threat. [NIST-SP800-33:2001]
risk remaining after risk treatment
NOTE 1. A residual risk can include an unidentified risk.
NOTE 2. A residual risk can also be called "retained risk".
[ISO Guide 73:2009]