Definition(s)
Risk Management Process
Systematic application of management policies, procedures and practices to the activities of communicating, consulting, establishing the context, and identifying, analyzing, evaluating, treating, monitoring (3.8.2.1) and reviewing risk (1.1).
Source: ISO Guide 73:2009(E/F), Risk Management – Vocabulary, First Edition, 2009. Global Standards
Risk Management Process
Systematic application of management policies, procedures and practices to the activities of communicating, consulting, establishing the context and identifying, analysing, evaluating, treating, monitoring and reviewing risk.
[SOURCE: ISO Guide 73:2009]
- Note 1 to entry: ISO/IEC 27005 uses the term ‘process’ to describe risk management overall. The elements within the risk management process are termed ‘activities’.
Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards