The IT Law Wiki

Organizational risk

32,057pages on
this wiki
Add New Page
Add New Page Talk0

Definition Edit

Organizational risk encompasses "the totality of risk concerns as defined by the stakeholders."[1]

Overview Edit

Organizational risk can include many types of risk (e.g., investment risk, budgetary risk, program management risk, legal liability risk, safety risk, inventory risk, and the risk from information systems).[2]

Managing organizational risk is not an exact science. It brings together the best collective judgments of the individuals responsible for the strategic planning and day-to-day operations of organizations to provide adequate security and risk mitigation.

References Edit

  1. NIST Special Publication 800-160, at B-8.
  2. Smart Grid Interoperability Panel – Cyber Security Working Group, Smart Grid Cyber Security Strategy and Requirements 1 (Draft NISTIR 7628 Feb. 2010).

Also on Fandom

Random Wiki