I was pleased to see that The Open Group is adopting a Risk Taxonomy based on work by the fine folks at Risk Management Insight:

With a goal of getting IT professionals to use standard terminology and eliminate ambiguity in expressing important risk-management concepts, the Open Group is finalizing a 50-page compendium of “risk-management and analysis taxonomy.”

The Open Group Security Forum’s risk taxonomy of about 100 expressions will not only address seemingly simple words such as threat, vulnerability and risk, but less common terms such as control strength.

The taxonomy study, which is expected to be publicly available around August, will be based on intellectual property contributed by Open Group member Risk Management Insight.

Congratulations to Alex, Jack, and everyone who’s been working hard on this specific effort for at least a couple of years.

I guess now I won’t get to write definitions posts any more. Oh, well. A small price to pay for a lingua franca of risk.

Chandler,

Thanks! I’m sure your last sentence was tongue in cheek, but you know we’d love it if joined TOG and helped out…

Then we could write definition posts together!