Difference between revisions of "Vulnerability"
From Open Risk Manual
Wiki admin (talk | contribs) |
Wiki admin (talk | contribs) |
||
Line 11: | Line 11: | ||
[[Category:Cyber Risk]] | [[Category:Cyber Risk]] | ||
[[Category:Business Impact Analysis]] | [[Category:Business Impact Analysis]] | ||
+ | [[Category:Disaster Risk]] |
Latest revision as of 15:58, 10 August 2021
Definition
Vulnerability. A weakness, susceptibility or flaw of an asset or control that can be exploited by one or more threats. The degree to which a person, asset, process, information, infrastructure or other resources are exposed to the actions or effects of a risk, event or other occurrence. The conditions determined by physical, social, economic and environmental factors or processes which increase the susceptibility of an individual, a community, assets or systems to the impacts of hazards.
See Also
- For positive factors which increase the ability of people to cope with hazards, see also the definitions of “Capacity” and “Coping Capacity”
Reference
- Adapted from CPMI-IOSCO and ISO/IEC 27000:2018
- https://www.undrr.org/terminology/vulnerability