Risk management—Vocabulary

Basic Information

Standard ID: GB/T 23694-2013
Standard Name: Risk management—Vocabulary
Chinese Name: 风险管理 术语
Standard category: National Standard (GB)
State: In force
Date of Release: 2013-12-31
Date of Implementation: 2014-07-01

Standard classification number

Standard ICS number: General, Terminology, Standardization, Documentation >> Vocabulary >> 01.040.03 Sociology, Services, Organization and Management of Companies (Enterprises), Administration, Transport (Vocabulary)
Standard Classification Number: General >> Basic Standards >> A22 Terms and Symbols

Associated standards

Replacement status: Replaces GB/T 23694-2009
Adoption status: ISO Guide 73:2009, IDT

Publication information

Publishing house: China Standards Press
Publication date: 2014-07-01

Other information

Drafter: Yang Ying, Lü Duojia, Gao Xiaohong, Cui Yanwu, Liu Tiezhong, Liu Xinli, Li Jianping, and Wang Bangjun.
Drafting unit: China National Institute of Standardization, First Huida Risk Management Technology Co., Ltd., Beijing Institute of Technology, China Aviation Technology Research Institute, Peking University, Institute of Science and Technology Policy and Management
Focal point unit: National Technical Committee on Risk Management Standardization (SAC/TC 310)
Proposing unit: National Risk Management Standardization Technical Committee (SAC/TC 310)
Publishing department: General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China; Standardization Administration of China
Competent authority: National Technical Committee on Risk Management Standardization (SAC/TC 310)

Introduction to standards:

GB/T 23694-2013 Risk Management Terminology
This standard specifies the definitions of basic terms related to risk management, aiming to encourage the use of a coherent approach and consistent understanding to describe risk management related activities, and to use unified risk management terminology when involving risk management processes and frameworks. This standard is suitable for the following persons:
———Personnel engaged in risk management;
———Personnel involved in ISO and IEC activities;
———Personnel who develop national or industry standards, guidelines, procedures and regulations related to risk management.
For the principles and guidelines of risk management, please refer to ISO 31000:2009.
This standard was drafted in accordance with the rules given in GB/T1.1-2009.
This standard replaces GB/T23694-2009 "Risk Management Terminology" (ISO/IEC Guide 73:2002, IDT).
This standard uses the translation method equivalent to ISO Guide 73:2009 "Risk Management Terminology" (English and French version).
This standard makes the following editorial changes to ISO Guide 73:2009:
———The term "this guide" is changed to "this standard";
———In the "references", the corresponding international documents in the "references" of ISO Guide 73:2009 are replaced by domestic documents.
This standard is proposed and managed by the National Technical Committee for Standardization of Risk Management (SAC/TC310).
The drafting units of this standard are: China National Institute of Standardization, First Huida Risk Management Technology Co., Ltd., Beijing Institute of Technology, China Aviation Comprehensive Technology Research Institute, Peking University, and Institute of Science and Technology Policy and Management Science of the Chinese Academy of Sciences.
The main drafters of this standard.

Preface
Introduction
1 Scope
2 Terms related to risk
3 Terms related to risk management
4 Terms related to the risk management process
4.1 Risk management process
4.2 Terms related to communication and consultation
4.3 Terms related to the environment
4.4 Terms related to risk assessment
4.5 Terms related to risk identification
4.6 Terms related to risk analysis
4.7 Terms related to risk evaluation
4.8 Terms related to risk response
References
Index

Some standard content:

ICS 01.040.03
National Standard of the People's Republic of China
GB/T 23694—2013/ISO Guide 73:2009
Replaces GB/T 23694—2009
Risk Management Vocabulary
(ISO Guide 73:2009, IDT)
Released: 2013-12-31
Implemented: 2014-07-01
Issued by: General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China; Standardization Administration of the People's Republic of China
Foreword
This standard was drafted in accordance with the rules given in GB/T 1.1-2009.
This standard replaces GB/T 23694—2009 "Risk Management Terminology" (ISO/IEC Guide 73:2002, IDT).
This standard uses the translation method equivalent to ISO Guide 73:2009 "Risk Management Terminology" (English and French versions).
This standard makes the following editorial changes to ISO Guide 73:2009:
———the term "this guide" is changed to "this standard";
———the corresponding international documents in the "references" of ISO Guide 73:2009 are replaced by domestic documents.
This standard is proposed and managed by the National Risk Management Standardization Technical Committee (SAC/TC 310).
Drafting units of this standard: China National Institute of Standardization, First Huida Risk Management Technology Co., Ltd., Beijing Institute of Technology, China Aviation Comprehensive Technology Research Institute, Peking University, and Institute of Science and Technology Policy and Management Science of the Chinese Academy of Sciences.
The main drafters of this standard: Yang Ying, Lü Duojia, Gao Xiaohong, Cui Yanwu, Liu Tiezhong, Liu Xinli, Li Jianping, and Wang Bangjun.
Introduction
This standard specifies the basic terms of risk management to promote a consistent understanding of risk management concepts and terms in different organizations, industries, and fields.
When using risk management terms, the definitions given in this standard should be used first. The application of risk management is personalized. Therefore, in some cases, it is necessary to supplement the terms given in this standard. When a standard uses terms related to risk management, it must ensure that their meanings in the standard are correctly interpreted, explained and used.
Organizations not only manage threats that affect the achievement of goals, but also increasingly apply risk management processes and develop comprehensive risk management methods to promote the use of potential opportunities. Compared with the concept of risk (with negative or adverse consequences) limited to safety in GB/T 20000.4-2003, the terms and definitions in this standard are broader in concept and application. As organizations tend to use risk management methods in a broader sense, this standard covers all applications and fields.
This standard is of a general nature and involves various fields of risk management. The terms are arranged in the following order:
———terms related to risk;
———terms related to risk management;
———terms related to the risk management process;
———terms related to communication and consultation;
———terms related to the environment;
———terms related to risk assessment;
———terms related to risk identification;
———terms related to risk analysis;
———terms related to risk evaluation;
———terms related to risk response;
———terms related to monitoring and measurement.
1 Scope
This standard specifies the definitions of basic terms related to risk management, aiming to encourage a coherent approach and consistent understanding in describing risk management related activities, and to use unified risk management terminology when referring to the process and framework of risk management.
This standard is suitable for the following persons:
———people engaged in risk management;
———people involved in ISO and IEC activities;
———people who develop national or industry standards, procedures, and rules related to risk management.
For the principles and guidelines of risk management, please refer to ISO 31000:2009.
2 Terms related to risk
2.1
Risk
The impact of uncertainty on objectives.
Note 1: A risk is a deviation from expectations, which can be positive and/or negative.
Note 2: The target can be a target of different aspects (e.g. financial, health and safety, environment, etc.) and levels (e.g. process, organization, project, product and process, etc.).
Note 3: Risks are usually identified in terms of potential events (4.5.1.3), consequences (4.6.1.3) or a combination of both.
Note 4: Risk is usually expressed in terms of the combination of the consequences of an event (including changes in circumstances) and the likelihood of its occurrence (4.6.1.1).
Note 5: Uncertainty also refers to a state of lack of confidence or incomplete knowledge about the likelihood of an event and its consequences.
3 Terms related to risk management
3.1
Risk management
The coordinated activities of an organization with respect to risk (2.1) to direct and control risk.
3.1.1
Risk management framework
A collection of organizational elements that provide the basis for the design, implementation, monitoring (4.8.2.1), review and ongoing integration of risk management (3.1) throughout the organization.
Note 1: The basis includes the approach to managing risk (2.1), objectives, authorizations and commitments.
Note 2: The organizational arrangements include plans, relationships, responsibilities, processes and initiatives.
Note 3: The risk management framework is integrated into the organization's overall strategy, operational policies and practices.
3.1.2
Risk management policy
The overall intention and statement of the organization in relation to risk management (3.1).
3.1.3
Risk management plan
Details of the methods, management factors and resource plans to be used to manage risks (2.1) in the risk management framework (3.1.1).
Note 1: Management requirements generally include procedures, working methods, and the order and timing of actions.
Note 2: A risk management plan may be applied to specific products, process items, or parts or all of a process.
4 Terms related to risk management process
4.1
Risk management process
The systematic application of management policies, procedures and practices to communicate, consult, clarify the context and identify, analyse, evaluate, respond to, monitor (4.8.2.1) and review risks (2.1).
4.2 Terms related to communication and consultation
4.2.1
Communication and consultation
The continuous, back-and-forth process of providing information, sharing information, receiving information and engaging in dialogue with stakeholders (4.2.1.1) when managing risks (2.1).
Note 1: The scope of information may include the presence, nature, form, likelihood (4.6.1.1), significance, evaluation, relevance and reciprocity of risks.
Note 2: Consultation is adequate two-way communication with stakeholders before a decision is made or the direction is determined. Consultation is a process of influencing decisions through influence rather than power. Consultation is an input to a decision, not a joint decision.
4.2.1.1
Stakeholder
A person who can influence, be influenced by, or perceive themselves to be affected by a decision or action.
Note: Decision makers can be stakeholders.
4.2.1.2
Risk perception
The stakeholder's (4.2.1.1) perception of risk (2.1).
Note: Risk perception reflects the needs, opinions, knowledge, beliefs and values of stakeholders.
4.3 Terms related to the environment
4.3.1
Defining the environment (establishing the context)
The process of determining the internal and external parameters that need to be considered when the organization manages risks and sets the risk management policy (3.1.2) and risk criteria (4.3.1.3).
4.3.1.1
External environment (external context)
The external situation in which the organization seeks to achieve its objectives.
Note: The external environment can include:
———the international, domestic, regional or local cultural, social, political, legal, regulatory, financial, technological, economic, natural and competitive environment;
———the relationships with external stakeholders (4.2.1.1) and their perceptions and values.
4.3.1.2
Internal environment (internal context)
The internal situation in which an organization pursues its objectives.
Note: The internal environment may include:
———governance, organizational structure, functions and resources;
———planning, objectives, and strategies for achieving them;
———capabilities derived from resources and knowledge (such as capital, time, manpower, facilities, systems and technologies);
———information systems, information utilization and decision-making processes (formal and informal);
———relationships with internal stakeholders (4.2.1.1), and their knowledge and values;
———organizational culture;
———a set of standards, norms and models used;
———the form and scope of organizational relationships.
4.3.1.3
Risk criteria
The basis for evaluating risk (2.1).
Note 1: The determination of risk criteria needs to be based on the organization's objectives, external environment (4.3.1.1) and internal environment (4.3.1.2).
Note 2: Risk criteria can be derived from standards, policies and other requirements.
4.4 Terms related to risk assessment
4.4.1
Risk assessment
The whole process of risk identification (4.5.1), risk analysis (4.6.1) and risk evaluation (4.7.1).
4.5 Terms related to risk identification
4.5.1
Risk identification
The process of discovering, identifying and describing risks (2.1).
Note 1: Risk identification also involves the identification of risk sources (4.5.1.2), events (4.5.1.3) and their causes and consequences (4.6.1.3).
Note 2: Risk identification may involve the analysis of experience, expert opinions and the needs of stakeholders (4.2.1.1).
4.5.1.1
Risk description
A structured approach to risk, usually including four elements: risk sources (4.5.1.2), events (4.5.1.3), causes and consequences (4.6.1.3).
4.5.1.2
Risk source
An internal factor that may, alone or in combination, give rise to a risk (2.1).
Note: A risk source may be tangible or intangible.
4.5.1.3
Event
The occurrence or change of a certain type of situation.
Note 1: An event may refer to one or more situations and may be caused by an objective factor.
Note 2: An event may include situations that are not expected to occur.
Note 3: An event is sometimes referred to as an "effect".
Note 4: An event that does not result in a consequence (4.6.1.3) may also be referred to as an "event", "incident", "imminent harm", or "probability of harm".
4.5.1.4
Hazard
A source of potential harm.
Note: A hazard can be a risk source (4.5.1.2).
4.5.1.5
Risk owner
The individual or entity with the responsibility and authority to manage risk (2.1).
4.6 Terms related to risk analysis
4.6.1
Risk analysis
The process of understanding the nature of risk (2.1) and determining the level of risk (4.6.1.8).
Note 1: Risk analysis is the basis for risk evaluation (4.7.1) and for risk response (4.8.1) strategies.
Note 2: Risk analysis includes risk estimation.
4.6.1.1
Likelihood
The chance of something happening.
Note 1: In risk management terminology, the word "likelihood" is used to indicate the chance of something happening, whether defined, measured or determined objectively or subjectively, qualitatively or quantitatively, or described in general or numerical terms [such as probability (4.6.1.4) or frequency (4.6.1.5) within a certain period of time].
Note 2: The English word "likelihood" has no direct corresponding word in some languages. Therefore, the word "probability" is often used to replace it. However, in English, "probability" is often understood in a narrow mathematical sense. Therefore, in risk management language, "likelihood" should have the same meaning as the word "probability" in many languages, and is not limited to the meaning of the English word "probability".
4.6.1.2
Exposure
The degree to which the organization and/or stakeholders (4.2.1.1) are affected by an event (4.5.1.3).
4.6.1.3
Consequence
The result of an event (4.5.1.3) on the target.
Note 1: A single event can lead to a series of consequences.
Note 2: Consequences can be either definite or indefinite. The impact on the target can be positive or negative.
Note 3: Consequences can be expressed in a definite way.
Note 4: Through a chain reaction, the initial consequence may be of several levels.
4.6.1.4
Probability
The degree of chance of an event occurring, expressed mathematically as a number between 0 and 1, where 0 indicates that it is impossible and 1 indicates that it will definitely occur.
Note: See Note 2 to 4.6.1.1.
4.6.1.5
Frequency
The number of events (4.5.1.3) or consequences per unit of time.
Note: Frequency can be expressed as the number of past events (4.5.1.3) or future events, which can be used to measure likelihood (4.6.1.1)/probability (4.6.1.4).
4.6.1.6
Vulnerability
The inherent characteristic of being susceptible to the influence of a risk source (4.5.1.2).
4.6.1.7
Risk matrix
A tool for displaying risks (2.1) by defining a range of consequences (4.6.1.3) and likelihood (4.6.1.1).
4.6.1.8
Risk level (level of risk)
The magnitude of a single risk (2.1) or a group of risks expressed as a combination of consequence (4.6.1.3) and likelihood (4.6.1.1).
4.7 Terms related to risk evaluation
4.7.1
Risk evaluation
Comparison of the results of risk analysis (4.6.1) with the risk criteria (4.3.1.3) to determine whether the risk (2.1) and/or its magnitude is acceptable or tolerable.
Note: Risk evaluation assists in risk response (4.8.1) decision making.
4.7.1.1
Risk attitude
The way in which an organization seeks, manages, assumes or avoids risk (2.1).
4.7.1.2
Risk appetite
The organization's willingness to seek or manage risk (2.1).
4.7.1.3
Risk tolerance
The intention of an organization or stakeholder (4.2.1.1) to assume risk (2.1) in order to achieve its objectives after risk response (4.8.1).
Note: Risk tolerance may be affected by legal requirements.
4.7.1.4
Risk aversion
Avoidance of risk (2.1).
4.7.1.5
Risk aggregation
The combination of multiple risks into one risk (2.1) in order to have a more comprehensive understanding of the overall risk.
4.7.1.6
Risk acceptance
The decision to accept a particular risk (2.1).
Note 1: Risk acceptance may occur without risk response (4.8.1) or through a risk response process.
Note 2: Accepted risks are subject to monitoring (4.8.2.1) and review (4.8.2.2).
4.8 Terms related to risk response
4.8.1
Risk response (risk treatment)
The process of dealing with risks (2.1).
Note 1: Risk responses can include:
———not initiating or continuing the action that led to the risk;
———removing the source of the risk (4.5.1.2);
———changing the likelihood (4.6.1.1);
———changing the consequences (4.6.1.3);
———sharing the risk with other parties [including contracts and risk financing (4.8.1.4)];
———deciding after careful consideration to retain the risk.
Note 2: Risk responses for negative consequences are sometimes referred to as "risk mitigation", "risk elimination", "risk prevention" or "risk reduction", etc.
Note 3: Risk response may generate new risks or change existing risks.
4.8.1.1
Control
Measures to deal with risks (2.1).
Note 1: Control includes any process, strategy, facility, operation or other action to deal with risk.
Note 2: Control may not always achieve the desired effect.
4.8.1.2
Risk avoidance
The decision not to participate in or withdraw from an activity to avoid exposure to a particular risk (2.1).
Note: Risk avoidance may be based on the results of a risk evaluation (4.7.1) and/or on laws and regulations.
4.8.1.3
Risk sharing
A form of risk response (4.8.1) involving agreement with other parties on the allocation of risk (2.1).
Note 1: Laws and regulations may restrict, prohibit or mandate risk sharing.
Note 2: Risk sharing may be achieved through insurance or other contractual forms.
Note 3: The extent of risk allocation depends on the credibility and transparency of the risk sharing scheme.
Note 4: Risk transfer is a form of risk sharing.
4.8.1.4
Risk financing
A form of risk response (4.8.1) in which contingency funding arrangements are made to face or deal with a financial consequence (4.6.1.3) that may occur.
4.8.1.5
Risk retention
Acceptance of the potential gain or loss of a particular risk (2.1).
Note 1: Risk retention includes acceptance of residual risk (4.8.1.6).
Note 2: The level of risk retained (4.6.1.8) depends on the risk criteria (4.3.1.3).
4.8.1.6
Residual risk
The risk (2.1) that remains after the risk response (4.8.1) has been completed.
Note 1: Residual risk may include unidentified risks.
Note 2: Residual risk is considered "retained risk".
4.8.1.7
Resilience
The ability of an organization to adapt to a complex and changing environment.
4.8.2 Terms related to monitoring and measurement
4.8.2.1
Monitoring
Continuously checking, monitoring, closely observing or confirming the status of a risk to identify deviations from requirements or expected performance.
Note: Monitoring can be applied to the risk management framework (3.1.1), the risk management process (4.1), risk (2.1) or control (4.8.1.1).
4.8.2.2
Review
The activities carried out to determine the suitability, adequacy and effectiveness of a matter in achieving established objectives.
Note: Review can apply to the risk management framework (3.1.1), the risk management process (4.1), risks (2.1) or controls (4.8.1.1).
4.8.2.3
Risk reporting
Communication of information about the status of risks (2.1) and risk management to internal or external stakeholders (4.2.1.1).
4.8.2.4
Risk register
Record of information on identified risks (2.1).
Note: "Risk log" is sometimes used instead of "risk register".
4.8.2.5
Risk profile
Description of a group of risks (2.1).
Note: A group of risks may include risks to the entire group, part of the organization or other relevant aspects.
4.8.2.6
Risk management audit
Systematic, independent and documented process for obtaining evidence and conducting an objective evaluation to determine the adequacy and effectiveness of the risk management framework (3.1.1) or part of it.

References
[1] ISO 704:2000 Terminology: Principles and methods
[2] ISO 860:2007 Terminology: Integration of concepts and terms
[3] GB/T 3358.1-2009 Statistical vocabulary and symbols Part 1: General statistical terms and terms used in probability
[4] GB/T 19000-2008 Quality management system fundamentals and terminology (ISO 9000:2005, IDT)
[5] GB/T 20001.1-2001 Rules for the preparation of standards Part 1: Terminology (ISO 10241:1992, NEQ)
[6] GB/T 24353-2009 Risk management principles and implementation guidelines
[7] GB/T 20000.1-2002 Guidelines for standardization work Part 1: General vocabulary for standardization and related activities (ISO/IEC Guide 2:1996, MOD)
[8] GB/T 20000.4-2003 Guidelines for standardization work Part 4: Safety-related content in standards (ISO/IEC Guide 51:1999, MOD)