Risk Taxonomy

This Risk Taxonomy Technical Standard provides a taxonomy describing the factors that drive risk – their definitions and relationships. It also provides an overview on how to use the taxonomy. It responds to the problem that the risk management community worldwide has not yet adopted a consistent definition for even the most fundamental terms in its vocabulary; e.g., threat, vulnerability, even risk itself.

This Risk Taxonomy provides the necessary foundation vocabulary, based on a fundamental analysis of what risk is, and then shows how to apply it to produce the objective, meaningful, and consistent results that business managers need in order to make informed business decisions on how to manage risk.

The intended audience includes anyone who needs to understand and/or analyze a risk condition. A particular feature of this taxonomy is that it can be applied to any risk scenario, so enabling it to be used as a foundation for normalizing the results of risk analyses across varied risk domains.

This Risk Taxonomy Technical Standard is the first in an initial set of three publications from The Open Group Security Forum, addressing Risk Management. The second will be a Guide to Risk Assessment Methodologies, and the third will be a Risk Assessment Methodology & Cookbook explaining how to apply the Risk Taxonomy to any selected risk management framework.

Bibliographic Details

Technical Standards

Catalog number C081
ISBN 1931624771
Jan 2009

49 pages.

Availability

Electronic Publication Only (hard copy not available)

See the PDF version on the web

Note: To read any of our PDF files you will need Adobe Acrobat Version 3 or higher.