Risk Identification

From BCMpedia. A Wiki Glossary for Business Continuity Management (BCM) and Disaster Recovery (DR).
Jump to navigation Jump to search
1. Risk Identification is to identify and categorize risks that could affect the organization and document the list of risks.

Related Term: Risk Assessment, Risk Analysis

Risk Identification within Risk Management Framework ISO31000
BCMBoK Competency Level
BCMBoK 2: Risk Analysis & Review CL 2B: Intermediate (BC)



BCMBoK Competency Level
BCMBoK 2: Risk Analysis & Review CL 2C: Intermediate (CM)



BCMBoK Competency Level
BCMBoK 2: Risk Analysis & Review CL 2D: Intermediate (DR)

(Source: Business Continuity Management Institute - BCM Institute)


2. Process of finding, recognizing and describing risks (2.1)

Notes (1) : Risk identification involves the identification of risk sources (2.16), events (2.17), their causes and their potential consequences (2.18).

Notes (2): Risk identification can involve historical data, theoretical analysis, informed and expert opinions, and stakeholder's (2.13) needs.

[ISO Guide 73:2009, definition 3.5.1]

(Source: ISO 31000:2009 – Risk Management — Principles and Guidelines) - clause 2.15