Definition(s)
Risk Management
The process of identifying, analyzing, assessing, and communicating risk and accepting, avoiding, transferring or controlling it to an acceptable level considering associated costs and benefits of any actions taken.
Source: API RP 781 Security Plan Methodology for the Oil and Natural Gas Industries. 1st Ed. September 2016. Global Standards
Risk Management
Coordinated activities to direct and control an organization with regard to risk.
Source: API Bulletin 97, Well Construction Interface Document Guidelines, First Edition, December 2013. Global Standards
Risk Management
Process of identifying, analyzing, assessing, and communicating risk and accepting, avoiding, transferring or controlling it to an acceptable level considering associated costs and benefits of any actions taken.
Source: API STANDARD 780, Security Risk Assessment Methodology for the Petroleum and Petrochemical Industries, First Edition, May 2013. Global Standards
Risk Management
Process of identifying, analyzing, assessing, and communicating risk and accepting, avoiding, transferring or controlling it to an acceptable level considering associated costs and benefits of any actions taken.
Sample Usage: The organization employed risk management to understand and reduce the risk it faced.
Annotation: Effective risk management improves the quality of decision making. Risk management principles acknowledge that, while risk often cannot be eliminated, actions can usually be taken to control risk.
Source: DHS Risk Lexicon, U.S. Department of Homeland Security, 2010 Edition. September 2010 Regulatory Guidance
Risk Management
Risk management inter alia includes assessment and evaluation of risk, as well as planning and implementation of risk reducing measures:
Source: Guidance Notes on Petroleum and Natural Gas (Safety in Offshore Operations) Rules, 2008, Oil Industry Safety Directorate (India), 2012. Regulatory Guidance
Risk Management
Coordinated activities to direct and control an organization with regard to risk.
[SOURCE: ISO Guide 73:2009]
Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards
Risk Management
Coordinated activities to direct and control an organization with regard to risk.
Other Related Terms and Definitions:
ISO Guide 73 – Coordinated activities to direct and control an organization with regard to risk.
Source: International Association of Drilling Contractors, Appendix 2 to Health, Safety and Environment Case Guidelines for Offshore Drilling Contractors, Issue 3.3.2, February 2010. IADC Guidelines
Risk Management
Coordinated activities to direct and control an organization with regard to risk (1.1).
Source: ISO Guide 73:2009(E/F), Risk Management – Vocabulary, First Edition, 2009. Global Standards
Risk Management
The process of identifying, analyzing, assessing, and communicating risk and accepting, avoiding, transferring or controlling it to an acceptable level considering associated costs and benefits of any actions taken.
Extended Definition: Includes:
- conducting a risk assessment;
- implementing strategies to mitigate risks;
- continuous monitoring of risk over time; and
- documenting the overall risk management program.
From: DHS Risk Lexicon and Adapted from: CNSSI 4009, NIST SP 800-53 Rev 4.
Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
Risk Management
Process of identifying and applying countermeasures commensurate with the value of the assets protected based on a risk assessment [9].
Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard