Glossary and Abbreviations
The following terms and abbreviations are used throughout the text. Citations and sources are included where appropriate.
ALARP | As low as reasonably possible. A level after which it would be too expensive or disruptive to reduce the risk any further. |
Downside risk | A risk that would hinder your objectives. |
HSE | Health, Safety and Environment. Sometimes HSSE to include security. |
Impact | The effect a risk source would have on your objectives. Effect or consequence are often used as synonyms. |
KISS | Keep it stupid simple. The principle that systems work best when they are as simple as possible. Attributed to Lockheed engineer Kelly Johnson. |
Likelihood | “The chance of something happening” (ISO). |
Opportunity | The source of an upside risk. |
Risk | “The effect of uncertainty on objectives” (ISO). Risks can have a positive or negative effect – see upside and downside risks. |
Risk appetite | The amount of risk an organization is comfortable with on a day-to-day basis or the amount of upside risk that it wants to pursue. |
Risk tolerance | The amount of risk an organization can bear for a short period of time. |
Threat | The source of a downside risk. Hazard can be used synonymously. |
Upside risk | A risk that would support your objectives. |
Vulnerability | An absence of or weakness in controls or defenses designed to prevent a threat from causing an impact. A low vulnerability indicates comprehensive protective measures are in place. Exposure is used synonymously in some cases. |