IRM 2002 (†491) A Risk Management Standard (Institute of Risk Management, [2002?]).
- risk (p. 2): Risk can be defined as the combination of the probability of an event and its consequences (ISO/IEC Guide 73). ¶ In all types of undertaking, there is the potential for events and consequences that constitute opportunities for benefit (upside) or threats to success (downside). (†748)
- risk assessment (p. 5): Risk Assessment is defined by the ISO/IEC Guide 73 as the overall process of risk analysis and risk evaluation. (†750)
- risk management (p. 2): Risk management is a central part of any organisation’s strategic management. It is the process whereby organisations methodically address the risks attaching to their activities with the goal of achieving sustained benefit within each activity and across the portfolio of all activities. ¶ The focus of good risk management is the identification and treatment of these risks. Its objective is to add maximum sustainable value to all the activities of the organisation. It marshals the understanding of the potential upside and downside of all those factors which can affect the organisation. It increases the probability of success, and reduces both the probability of failure and the uncertainty of achieving the organisation’s overall objectives. (†749)