This document is for use by people who create and protect value in organizations by managing risks, making decisions, setting and achieving objectives and improving performance.
Organizations of all types and sizes face external and internal factors and influences that make it uncertain whether they will achieve their objectives.
Managing risk is iterative and assists organizations in setting strategy, achieving objectives and making informed decisions.
Managing risk is part of governance and leadership, and is fundamental to how the organization is managed at all levels. It contributes to the improvement of management systems.
Managing risk is part of all activities associated with an organization and includes interaction with stakeholders.
Managing risk considers the external and internal context of the organization, including human behaviour and cultural factors.
Table of Contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Principles
5 Framework
5.1 General
5.2 Leadership and commitment
5.3 Integration
5.4 Design
5.4.1 Understanding the organization and its context
5.4.2 Articulating risk management commitment
5.4.3 Assigning organizational roles, authorities, responsibilities and accountabilities.7
5.4.4 Allocating resources
5.4.5 Establishing communication and consultation
5.5 Implementation
5.6 Evaluation
5.7 Improvement
5.7.1 Adapting
5.7.2 Continually improving
6 Process
6.1 General
6.2 Communication and consultation
6.3 Scope, context and criteria
6.3.1 General
6.3.2 Defining the scope
6.3.3 External and internal context
6.3.4 Defining risk criteria
6.4 Risk assessment
6.4.1 General
6.4.2 Risk identification
6.4.3 Risk analysis
6.4.4 Risk evaluation
6.5 Risk treatment
6.5.1 General
6.5.2 Selection of risk treatment options
6.5.3 Preparing and implementing risk treatment plans
6.6 Monitoring and review
6.7 Recording and reporting
Bibliography
Return Policy
ASSP does not accept returns on standards, either digital or hardcopy versions. Please read the sales page of the specific standard of interest and review the scope and table of contents to ensure applicability to your needs. If your concerns are related to the quality of a standard, please contact ASSP Standards Development staff.