Risk Identification

From BCMpedia. A Wiki Glossary for Business Continuity Management (BCM) and Disaster Recovery (DR).
Revision as of 10:51, 16 August 2017 by Moh heng (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search
1. Risk Identification is to identify and categorize risks that could affect the organization and document the list of risks.

Related Term: Risk Assessment, Risk Analysis

Risk Identification within Risk Management Framework ISO31000
BCMBoK Competency Level
BCMBoK 2: Risk Analysis & Review CL 2B: Intermediate (BC)



BCMBoK Competency Level
BCMBoK 2: Risk Analysis & Review CL 2C: Intermediate (CM)



BCMBoK Competency Level
BCMBoK 2: Risk Analysis & Review CL 2D: Intermediate (DR)

(Source: Business Continuity Management Institute - BCM Institute)


2. Process of finding, recognizing and describing risks (2.1)

Notes (1) : Risk identification involves the identification of risk sources (2.16), events (2.17), their causes and their potential consequences (2.18).

Notes (2): Risk identification can involve historical data, theoretical analysis, informed and expert opinions, and stakeholder's (2.13) needs.

[ISO Guide 73:2009, definition 3.5.1]

(Source: ISO 31000:2009 – Risk Management — Principles and Guidelines) - clause 2.15