Risk management: The coordinated activities undertaken to direct and control an organization with regard to risk. It involves the identification, assessment, and prioritization of risks, followed by the application of resources to reduce, monitor, and control the likelihood or impact of unwanted events. Effective risk management helps in reducing the likelihood of a disruptive event and mitigates the impact if such an event occurs.
Categories: CC D1: Security Principles | CCSP D6: Legal - Risk and Compliance | CISM D2: Information security risk management | CISSP D1: Security and Risk Management | Security+ D5: Security Program Management and Oversight | SSCP D3: Risk Identification Monitoring and Analysis
« Back to Glossary Index