睿地可靠度論壇（TW-REDI Forum）

標題: 風險管理相關標準文件 [打印本頁]

作者: hlperng 時間: 2014-5-2 09:18:18 標題: 風險管理相關標準文件

本帖最後由 hlperng 於 2021-4-8 18:33 編輯

風險管理 (Risk Management) 相關標準文件依發行時間後先次序：

ISO 24971:2013 (ed1.0), Medical devices - Guidance on the application of ISO 14971
CNS 27005:2013, 資訊技術 - 安全技術 - 資訊安全風險管理 (Information technology - Security techniques - Informatin security risk management) （等同 ISO 27005:2011）
IEC 62198:2013 (ed2.0), Managing risk in project - Application guide
ISO 31004:2013 (ed1.0), Risk management - Guidance for the implementation of ISO 31000
CNS 31010:2012, 風險管理 - 風險評鑑技術 (Risk management - Risk assessment techniques) （等同 ISO 31010:2009）.
CNS 31000:2012, 風險管理 - 原則與指導綱要 (Risk management - Principles and guidelines) （等同 ISO 31000:2009）.
CNS 14889:2012, 風險管理 - 詞彙（等同 ISO/IEC Guide 73:2009）
CNS 15508-1:2011, 機械安全 - 風險評鑑 - 第一部：原則 (Safety of machinery - Risk assessment - Part 1: Principles)（等同 ISO 14121-1:2007 revised by ISO 12100:2010）
GB/T 27921:2011, Risk Management - Risk assessment techniques (ISO 31010:2009 IDT)
NASA-SP-2011-3422 (2011), NASA Risk Management Handbook
ANSI/ASSE/ISO Guide 73:2011, American National Standard - Vocabulary for Risk Management (ISO Guide 73:2009 IDT)
ANSI/ASSE/ISO 31000:2011, American National Standards for Risk Management Principles and Guidelines (ISO 31000:2009 IDT)
ANSI/ASSE/ISO 31010:2011, American National Standard for Risk Assessment Techniques (ISO 31010:2009 IDT)
ISO/IEC 27005:2011 (ed2.0), Information Technology - Security Techniques - Information Security Risk Management
JIS Q 31010:2010, Risk Management - Risk assessment techniques (ISO 31010:2009 IDT)
JIS Q 31000:2010, Risk Management - Principles and guidelines (ISO 31000:2009 IDT)
CSA/ISO 31000:2010, Risk Management - Principles and Guidelines
ONR 49000:2010, Risk Management for Organizations and Systems - Terms and Principles - Implementation of ISO 31000.
NIST SP-800-37:2010, Guide for Applying the Risk Management Framework to Federal Information Systems - A Security Life Cycle Approach.
IEC 80001-1:2010 (ed1.0), Application of Risk Management for IT-Networks Incorporating Medical Devices - Part 1: Roles, Responsibilities and Activities.
ISO 12100:2010 (ed1.0), Safety of Machinery - General Principles for Design - Risk Assessment and Risk Reduction.
GB/T 24353:2009, Risk Management - Principles and guidelines (ISO 31000:2009 IDT)
GB/T 23694:2009, 風險管理 - 術語（等同ISO/IEC Guide 73:2002).
-, 風險管理及危機處理作業手冊，行政院研考會，2009。
FAA-H-8083-2:2009, Risk Management Handbook, US DOT.
AS/NZS ISO 31000:2009, Risk management - Principles and guidelines
ISO/IEC 31010:2009 (ed1.0), Risk Management - Risk Assessment Techniques
ISO/IEC 31000:2009 (ed1.0), Risk Management - Principles and Guidelines
ISO Guide 73:2009 (ed1.0), Risk Management - Vocabulary
ONR 49000:2008, Risk Management for Organizations and Systems - Terms and Principles - Pratical use of ISO/DIS 31000
BS-31100:2008, Code of Practice for Risk Management
ISO/IEC 27005:2008 (ed1.0), Information technology - Security techniques - Information security risk management (revised by ISO/IEC 27005:2011 ed2.0).
ISO 14971:2007 (ed2.0), Medical Devices - Application of Risk Management to Medical Devices
ISO 14121-1:2007 (ed1.0), Safety of Machinery - Risk Assessment - Part 1: Principles (withdrawn and replaced by ISO 12100:2010).
ISO 14121-2:2007 (ed1.0), Safety of Machinery - Risk Assessment - Part 2: Practical Guidance and Examples of Methods (Technical Report) (revised by ISO 14121-2:2012 ed2.0)
CNS 14989:2006, 醫療器材風險管理（等同ISO 14971:2000 ed1.0）.
ISO 16085:2006 (ed2.0), Systems and Software Engineering - Life Cycle Processes - Risk Management
-, Risk Management Guide for DoD Acquisition, 6th ed., US DoD, 2006.
GB/T 20032:2005, 項目(專案)風險管理 - 應用指南（等同IEC 62198:2001）.
-, 風險管理作業手冊，行政院研考會，2005。
AS/NZS HB-436:2004, Risk management guidelines - Companion to AS/NZS 4360:2004.
AS HB 205:2004, OHS Risk management handbook.
CMU/SEI-2004-TN-002:2004, A Roadmap of Risk Diagnostic Methods: Developing and Integrated View of Risk Identification and Analysis Techniques.
AS/NZS 4360:2004, Risk Management (replaced by AS/NZS ISO 31000:2009).
ISO 16085:2004 (ed1.0), Systems and Software Engineering - Life Cycle Processes - Risk Management.
NIST-SP-800-30:2002, Risk Management Guide for Information Technology Systems.
ISO/IEC Guide 73:2002 (ed1.0), Risk management - Vocabulary - Guidelines for use in standards (withdrawn)
-, Risk Management Guide for DoD Acquisition, 4th ed., US DoD, 2001.
JIS-Q-2001:2001, Guidelines for Development and Implementation of Risk Management System.
IEEE-STD-1540:2001, IEEE Standard for Software Life Cycle Processes - Risk Management. (superseded by ISO/IEC 16085:2004)
IEC 62198:2001 (ed1.0), Project risk management - Application guidelines (revised by IEC 62198:2013 ed. 2.0)
-, Risk Management Guide for DoD Acquisition, 3rd ed., US DoD, 2000.
ISO 14971:2000 (ed1.0), Medical Devices - Application of Risk Management to Medical Devices (revised by ISO 14971:2007 ed2.0)
-, Risk Management Guide for DoD Acqusition, 2nd ed., US DoD, 1999.
AS/NZS 4360:1999, Risk management.
NAVSO-P-3686, Top Eleven Ways to Manage Technical Risk, US NAVY, 1998.
-, Risk Management Guide for DoD Acquisition, 1998.
CSA-Q-850:1997 (ed1.0), Risk Management - Guidelines for Decision-Makers.
IEC 60300-3-9:1995 (ed1.0), Dependability Management - Part 3: Application Guide - Section 9: Risk Analysis of Technological Systems. (withdrawn and replaced by IEC/ISO 31010:2009, ed1.0)

風險定義的發展脈絡：
1967    1995       2001          2002          2009
MIL  ⇒ IEC ⇒ IEC ⇒ ISO/IEC    ⇒  ISO →  不確定性
                                                      ⇒  IEC → 危害、安全性
詳見：http://redi.org.tw/forum.php?mod ... ge=1&extra=#pid1526

參考資料：

ASSE Tech Brief (2012), ANSI/ASSE/ISO Risk Management & Risk Assessment Standards

歡迎光臨睿地可靠度論壇（TW-REDI Forum） (http://60-251-32-214.hinet-ip.hinet.net/)