Professional Documents
Culture Documents
ISO 31000:2018 provides guidelines on managing risk faced by organizations. The application
of these guidelines can be customized to any organization and its context.
ISO 31000:2018 provides a common approach to managing any type of risk and is not industry
or sector specific.
ISO 31000:2018 can be used throughout the life of the organization and can be applied to any
activity, including decision-making at all levels.
Risk:
Risk is “effect of uncertainty on objectives”, which focuses on the effect of incomplete
knowledge of events or circumstances on an organization’s decision making.
Risk Analysis:
Risk analysis is a process that is used to understand the nature, sources,
and causes of the risks that you have identified and to estimate the level of
risk. It is also used to study impacts and consequences and to examine the
controls that currently exist. How detailed your risk analysis ought to be
will depend upon the risk, the purpose of the analysis, the information
you have, and the resources available.
Risk Assessment:
The term risk management also refers to the programmed that is used to
manage risk. This programmed includes risk management principles, a
risk management framework, and a risk management process.