Skip to content

Your glossary for risk and compliance

Helpful definitions of all of the terms you need to know to better manage risk and compliance.

ISO 31000


According to ISO 31000, risk is the “effect of uncertainty on objectives” and an effect is a positive or negative deviation from what is expected. The following will explain what this means.

ISO 31000 recognizes that all of us operate in an uncertain world. Whenever we try to achieve an objective, there’s always the chance that things will not go according to plan. Every step has an element of risk that needs to be managed and every outcome is uncertain. Whenever we try to achieve an objective, we don't always get the results we expect. Sometimes we get positive results and sometimes we get negative results and occasionally we get both.

The traditional definition of risk combines three elements: it starts with a potential event and then combines its probability with its potential severity. A high-risk event would have a high likelihood of occurring and a severe impact if it actually occurred.

While ISO 31000 defines risk in a new and unusual way, the old and the new definitions are largely compatible. Both definitions talk about the same phenomena but from two different perspectives. ISO thinks of risk in goal-oriented terms while the traditional definition thinks of risk in event-oriented terms. These two definitions can and do co-exist.
They’re two different ways of talking about the same phenomena.

ISO provides a conceptual definition of risk while the traditional formulation operationalizes this general definition: it explains how to quantify risk. It argues that the amount or level of risk can be calculated by combining probability and severity.
Back to glossary search

Why businesses and advisors choose 6clicks

It's faster, easier and more cost effective than any alternative.

6clicks Circle Logo

Powered by artificial

Experience the magic of Hailey, our artificial intelligence engine for risk and compliance.

6clicks Circle Logo

Unique Hub & Spoke architecture

Deploy multiple teams all connected to a hub - perfect for federated, multi-team structures.

6clicks Circle Logo

Fully integrated
content library

Access 100's of standards, control sets, assessment templates, libraries and playbooks.

Are you ready to experience AI-powered GRC?