The dataModel.RiskManagement subject has available 10 data models for risk management.
- Asset. An item of value to stakeholders. An asset may be tangible (e.g., a physical item such as hardware, firmware, computing platform, network device, or another technology component) or intangible (e.g., humans, data, information, software, capability, function, service, trademark, copyright, patent, intellectual property, image, or reputation). The value of an asset is determined by stakeholders in consideration of loss concerns across the entire system life cycle. Such concerns include but are not limited to business or mission concerns.
- CyberAnalysis. The entity that represents analysis performed by digital tools to detect for example, network traffic anomalies
- Exposure. This entity contains a harmonized description of a generic Exposure Entity made for the Risk Assessment domain.
- GISData. This entity contains a harmonized description of generic GISData made for the Risk Assessment domain.
- Hazard. This entity contains a harmonized description of a generic Hazard entity made for the Risk Assessment domain.
- Measure. Specific measure translated into actions to be performed into the different systems
- Mitigation. The mitigation of consequences reduces the risk after an event has occurred. Therefore, this risk reduction measure is not suitable for the reduction of the likelihood of events but for the reduction of the negative consequences. Examples for consequence mitigation measures could be e.g. the construction of connection pipes to the neighbor water supplier(s) to get water from them in case of a breakdown of the own water supply, the construction of wells for an emergency supply or signing of contracts with organizations providing small mobile emergency water treatment plants.
- Risk. Effect of uncertainty on objectives. An effect is a deviation from the expected—positive and/or negative. Objectives can have different aspects (such as financial, health and safety, and environmental goals) and can apply at different levels (such as strategic, organization-wide, project, product and process). Risk is often characterized by reference to potential events and consequences, or a combination of these. Risk is often expressed in terms of a combination of the consequences of an event (including changes in circumstances) and the associated likelihood of occurrence. Uncertainty is the state, even partial, of deficiency of information related to, understanding or knowledge of, an event, its consequence, or likelihood.
- Vulnerability. This entity contains a harmonized description of a generic Vulnerability Entity made for the Risk Assessment domain.
Thanks to the Contributors