Risk Communication and Consultation
Continual and iterative processes that an organization conducts to provide, share or obtain information, and to engage in dialogue with stakeholders regarding the management of risk.
- Note 1 to entry: The information can relate to the existence, nature, form, likelihood, significance, evaluation, acceptability and treatment of risk.
- Note 2 to entry: Consultation is a two-way process of informed communication between an organization and its stakeholders on an issue prior to making a decision or determining a direction on that issue. Consultation is:
- a process which impacts on a decision through influence rather than power; and
- an input to decision making, not joint decision making.
Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards