Definitions Edit

Risk reduction (also called safeguard implementation) is the "decrease in risk through risk avoidance, risk control, or risk transfer."[1]

Risk reduction is

[t]he lessening of security risk exposure to an acceptable level. This requires the identification, analysis, selection, approval, and implementation of cost-effective AIS protective measures.[2]

Overview Edit

Risk reduction may be estimated during both the decision and evaluation phases of the risk management cycle. It can be accomplished by reducing vulnerability and/or consequences (damages).[3]

References Edit

  1. DHS Risk Lexicon, at 32.
  2. NASA Automated Information Security Handbook, App. C.
  3. DHS Risk Lexicon, at 32.

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.