Audit Information systems & IT Security
Audit Information systems & IT Security
Menu

: Home

: Terminology

: Best Practice
: : COBIT
: : ISO 27002 (ISO 17799)
: : ISO 27001
: : ISO 27000 Series
: : ISO 20000 - ITIL
: : COSO
: : Info Security Policy
: : Security Domains

: SOX

: Links
: : Organisations
: : Standards Orgs
: : Audit Links
: : Security Links

: The News Page

: Your IP Address

: Contact
: Legal Disclaimer
Search







Audit Information systems & and IT Security

Information System audit and IT Security

Definitions and Terminology

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z


Risk


The potential that a given threat will exploit vulnerabilities of an asset or group of assets to cause loss and/or damage to the assets. It usually is measured by a combination of impact and probability of occurrence.

source: COBIT 4.0

combination of the probability of an event and its consequence

source: ISO17799:2005 and ISO27002:2005

the potential that a given threat will exploit vulnerabilities of an asset or group of assets and thereby cause harm to the organization. It is measured in terms of a combination of the probability of an event and its consequence

source: ISO13335-1, 2004

The possibility that an event will occur and adversely affect the achievement of objectives.

source: COSO, 2004

A possible event that could cause harm or loss, or affect the ability to achieve Objectives. A Risk is measured by the probability of a Threat, the Vulnerability of the Asset to that Threat, and the Impact it would have if it occurred.

source: ITIL v3, Service Operation, 2007

A possible event that could cause harm or loss, or affect the ability to achieve Objectives. A Risk is measured by the probability of a Threat, the Vulnerability of the Asset to that Threat, and the Impact it would have if it occurred.

source: ITIL v3, Service Design, 2007

A possible event that could cause harm or loss, or affect the ability to achieve Objectives. A Risk is measured by the probability of a Threat, the Vulnerability of the Asset to that Threat, and the Impact it would have if it occurred.

source: ITIL v3, Service Transition, 2007

A possible event that could cause harm or loss, or affect the ability to achieve Objectives. A Risk is measured by the probability of a Threat, the Vulnerability of the Asset to that Threat, and the Impact it would have if it occurred.

source: ITIL v3, Continual Service Improvement, 2007

A possible event that could cause harm or loss, or affect the ability to achieve Objectives. A Risk is measured by the probability of a Threat, the Vulnerability of the Asset to that Threat, and the Impact it would have if it occurred.

source: ITIL v3, Service Strategy, 2007


Google
 
Web www.audit-is.com

 

 



   
Auditing Security and IT Systems
Copyright 2006-2008. All Rights Reserved. Something missing on this page? Let us know