Abstract:
The risk is the mathematical estimation of the probability of human loss, material
damage, environmental damage, social and psychological damage, over a reference period,
respectively future and in a given area, for a certain type of risk event. Risk is defined as a
product between the probability of the disaster occurring and its impact [1].
Risks exist in all information systems, but they do not necessarily occur. Most experts
are of the opinion: the sooner the potential danger will be determined, the more time it will
remain for the team of designers to neutralize it or minimize the losses. Thus, the
identification of risks must be carried out at the beginning of the works on the information
systems. The risks that affect a system and that must be considered at the estimation stage can
be differentiated as inherent risks, control risks and undetected risks.