Risk Communication and Consultation

Continual and iterative processes that an organization conducts to provide, share or obtain information, and to engage in dialogue with stakeholders regarding the management of risk.

  • Note 1 to entry: The information can relate to the existence, nature, form, likelihood, significance, evaluation, acceptability and treatment of risk.
  • Note 2 to entry: Consultation is a two-way process of informed communication between an organization and its stakeholders on an issue prior to making a decision or determining a direction on that issue. Consultation is:
    • a process which impacts on a decision through influence rather than power; and
    • an input to decision making, not joint decision making.

Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards

Comments are closed.