BS 31010:2010 pdf download – Risk management Risk assessment techniques

BS 31010:2010 pdf download – Risk management Risk assessment techniques • providing information for decision makers; • contributing to the understanding of risks, in order to assist in selection of treatment options; • identifying the important contributors to risks and weak links in systems and organizations; • comparing of risks in alternative systems, technologies or approaches; • communicating risks and uncertainties; • assisting with establishing priorities; • contributing towards incident prevention based upon post-incident investigation; • selecting different forms of risk treatment; • meeting regulatory requirements; • providing information that will help evaluate whether the risk should be accepted when compared with pre-defined criteria; • assessing risks for end-of-life disposal. 4.2 Risk assessment and the risk management framework This standard assumes that the risk assessment is performed within the framework and process of risk management described in ISO 31 000. A risk management framework provides the policies, procedures and organizational arrangements that will embed risk management throughout the organization at all levels. As part of this framework, the organization should have a policy or strategy for deciding when and how risks should be assessed. In particular, those carrying out risk assessments should be clear about • the context and objectives of the organization, • the extent and type of risks that are tolerable, and how unacceptable risks are to be treated, • how risk assessment integrates into organizational processes, • methods and techniques to be used for risk assessment, and their contribution to the risk management process, • accountability, responsibility and authority for performing risk assessment, • resources available to carry out risk assessment, • how the risk assessment will be reported and reviewed. 4.3 Risk assessment and the risk management process 4.3.1 General Risk assessment comprises the core elements of the risk management process which are defined in ISO 31 000 and contain the following elements: • communication and consultation; • establishing the context; • risk assessment (comprising risk identification, risk analysis and risk evaluation); • risk treatment; • monitoring and review. Risk assessment is not a stand-alone activity and should be fully integrated into the other components in the risk management process. 4.3.2 Communication and consultation Successful risk assessment is dependent on effective communication and consultation with stakeholders. Involving stakeholders in the risk management process will assist in • developing a communication plan, • defining the context appropriately, • ensuring that the interests of stakeholders are understood and...