Information Security Glossary - Q & R

Glossary – Q

Quadrant – This is the name of the technology that makes cryptographic equipment tamper-proof. 

Qualitative Risk Assessment – A subjective estimation of risk based often on ranges (e.g. low, medium, high). 

Quantitative Risk Assessment – An objective evaluation of risk based on measurable factors such as how much, how many (often using historical values of occurrence or cost). 

Glossary – R

Ransomware – Software that prevents a user from accessing their own files or network, only releasing the information after receiving payment. 

Resilience – The ability to provide and maintain an acceptable level of service in the face of faults and challenges to normal operation. 

Return on Investment – Assessing the value of a return against the initial cost. 

Risk – The combination of the probability of an event and its consequences. 

Risk Analysis – Estimating the likelihood a threat will exploit a vulnerability and the impact level if it does. 

Risk Appetite – The level of risk that an organisation is prepared to accept before action is deemed necessary to reduce it. It represents a balance between the potential benefits of innovation and the threats that change inevitably brings. 

Risk Assessment – The determination of the quantitive or qualitative value of risk related to a recognised threat. 

Risk Avoidance – This includes not performing an activity that could carry risk. 

Risk Evaluation – Combining the likelihood and impact to determine a risk rating. 

Risk Identification – Understanding what threats and vulnerabilities might have an impact on the assets or organisation. 

Risk Level – The combination of the likelihood and impact of a threat exploiting a vulnerability. 

Risk Monitoring – Checking & re-assessing levels of risk over time. 

Risk Reduction – Taking action (e.g. implementing controls) to reduce either the likelihood or impact or both, of a risk. 

Risk Treatment – Deciding to avoid, reduce, transfer or accept a risk and then monitoring and reviewing the risk over time. 

Glossary Index:

 A - C,    D - G,    H - L,    M - P,    Q - R,    S - Z.

ISMS.online is the fast and simple way to ISO 27001 certification

ISMS Online Rating: 5 out of 5
Share This