Glossary

Filter:
# A B C D E F G H I J K L M N O P Q R S T U V W X Y Z All
R
R&D
RAC
RAM
RAT
RC4
RD
RED
REL
RF
RFC
RFE
RFP
RKV
RL
RMR
RO
ROM
RPM
RQT
RSA
Rsh
RSN
RTI
RTM
RTS
Run
RWX
Risk Analysis
  • Comparing the probable cost of threats with those of protections; process by which firms weigh the costs of threats against the costs of defenses.
  • A part of risk management that is used to minimize risk by effectively applying security measures commensurate with the relative threats, vulnerabilities, and values of the resources to be protected. The value of the resources includes impact on the organization the automated system supports and the impact of the loss or unauthorized modification of data. Risk analysis consists of four modules: sensitivity assessment, risk assessment, economic assessment, and security test and evaluation. (AFR 205-16;; AFR 700-10;)
  • An analysis of system assets and vulnerabilities to establish an expected loss from certain events based on estimated probabilities of occurrence. (AR 380-380;; FIPS PUB 39;)
  • The process of identifying security risks, determining their magnitude, and identifying areas needing safeguards. (NCSC-WA-001-85;; DODD 5200. 28;) See Risk Assessment.
  • A method by which individual vulnerabilities are compared to perceived or actual security threat scenarios to determine the likelihood of compromise of protected information. See Risk Assessment. *An analysis of system assets and vulnerabilities to establish expected loss from certain events based on estimated probabilities of the occurrence of those events. (DOE, Glossary of Safeguards and Security, 8/87)
  • Synonymous with RISK ASSESSMENT.