Terms and definitions

 

 

Risk assessment

 

•    [ISO/IEC 17799:2000]

    Assessment of threats to, impacts on and vulnerabilities of information and information processing facilities and the likelihood of their occurrence.

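   An assessment of the threats to, impacts on, and weak points of information and information processing facilities, and of the likelihood that all three occur.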

•     [ISO Guide 73:2002]

    Overall process of risk analysis and risk evaluation.

    The entire process of risk analysis and risk evaluation.