DEFINITIONS, STANDARDS AND GLOSSARY OF TERMS
In any context, but especially in information risk management, it is very helpful to have a common understanding of the terminology used. For example, people often refer to risk when they actually mean threat, perhaps without realising that there is a distinct difference.
In this section, we shall provide definitions of all the key terms used in information risk management, most of which originate in ISO Guide 73:2009 Risk Management – Vocabulary.
We shall then move on to cover the main national and international standards and good practice guidelines used in the management of information risk, and also identify where the reader can obtain them.
Risk management can be significantly more effective ...