The IT Law Wiki

Risk avoidance

Definitions

Risk avoidance is

[a] security philosophy which postulates that adversaries are all-knowing and highly competent, against which risks are avoided by maximizing defenses and minimizing vulnerabilities.[1]
[a] risk-handling option that eliminates risk by eliminating or modifying the concept, requirements, specifications, or practices that create the unacceptable risk.[2]
restructuring business processes or information systems, or ending activities to eliminate potential exposure.[3]

Risk avoidance refers to "strategies or measures taken that effectively remove exposure to a risk."[4]

Overview

"Risk avoidance is one of a set of four commonly used risk management strategies, along with risk control, risk acceptance, and risk transfer."[5]

References

  1. OPSEC Glossary of Terms.
  2. Department of Defense, Glossary of Defense Acquisition Acronyms and Terms (14th ed. July 2011) (full-text).
  3. Electricity Subsector Cybersecurity Risk Management Process, App. G, at 84.
  4. DHS Risk Lexicon, at 28.
  5. Id.