Risks affecting organizations may have consequences in terms of societal, environmental, technological, safety and security outcomes; commercial, financial and economic disciplines, as well as social, cultural and political reputation impacts.
When risks occur, organizations always have to ask the question: "Is the level of risk tolerable or acceptable, and does it require further treatment? "
Risk assessment is an integral part of risk management which provides a structured process for organizations to identify how objectives may be affected. It is used to analyse the risk in terms of consequences and their probabilities, before the organization decides on further treatment, if required.
New ISO/IEC standard on risk assessment toolbox
No comments:
Post a Comment