Risk-based thinking is a management approach that relies upon anticipating the future and adjusting the plans accordingly so as to be better prepared for things to come.
Calling an anticipated future event a risk is based on the following criteria:
Likelihood
- The occurrence of that event has an associated likelihood.
- The likelihood could be at different levels, such as low, medium, or high.
- Something with high likelihood is very likely to happen.
Severity of impact
- The impact, should that event happen, has an associated severity.
- The severity of impact could be at different levels, such as low, medium, or high.
- Something with high severity will lead to major consequences.
Risk-based thinking has been made a key and essential element of ISO standards such as 9001:2015 and 27001:2013.
In these ISO standards, the purpose of the management system revolves around ensuring that risks to the organization's objectives are identified and managed.