Chapter11 Corgov
1. Risk management
is the process of measuring or assessing the risk and developing strategies to manage it.
Risk management is a systematic approach to identifying, analyzing and controlling areas
or events with a potential for causing unwanted change. It is an act or practice of
controlling risk. It includes
2. Basic approach in managing risk
risk planning, assessing risk areas, developing risk-handling options, monitoring risk to
determine how risks have changed and documenting the overall risk management program.
3. How ISO defines “risk management”
Risk management is the identification, assessment, and prioritization of risks followed
by coordinated and economical application of resources to minimize, monitor and
control the probability and/or impact of unfortunate events and to maximize the
realization of opportunities.
4. Basic principles of risk management:
a. Create value: resources spent to mitigate risk should be less than the consequence of action;
that is, benefits should exceed the costs.
b. Address uncertainty and assumptions
c. Be an integral part of the organizational access and decision making
d. Be dynamic, iterative, transparent, tailorable, and responsive to change
e. Create capability of continual improvement and enhancement, considering the best available
information and human factors.
f. Be systematic, structured and continually or periodically reassessed
5. Steps in the ISO 31000 risk management process
a. Establishing the context. This involves:
Identification of risk in a selected domain of interest
Planning the remainder of the process
Mapping out the following:
i. The social scope of risk management
ii. The identity and objectives of stakeholders
iii. The basis upon which risk will be evaluated, constraints.
Defining a framework for the activity and an agenda for identification.
Developing an analysis of risk for the activity and an agenda for identification
Developing an analysis of risk involved in the process.
Mitigation or solution of risk using available technological, human and organizational
resources.
b. Identification of potential risk. Risk identification can start with the analysis of the source
of problem or with the analysis of the problem itself. Common risk identification methods
are (1) objective-based method; (2) scenario-based method; (3) taxonomy-based method; (4)
common-risk checking; (5) risk charting.
c. Risk assessment. Once risks have been identified, their potential severity of impact and the
probability of occurrence must be assessed.
6. Elements of the risk management process
a. Identification, characterization and assessments of threats.
b. Assessment of the vulnerability of critical assets to specific threats.
c. Determination of the risk
d. Identification of ways to reduce those risks
e. Prioritization of risk reduction measures based on strategy.
7. Key elements that the company-wide risk management system should possess
a. Goals and objectives
b. Risk language identification
c. Organization structure
d. The risk management process documentation.
Multiple choice:
1. B
2. D
3. A
4. A
5. D
6. A
7. C
8. D
9. D