Professional Documents
Culture Documents
Iso 31000 Checklist PDF
Iso 31000 Checklist PDF
5. R IS K MA N A GE MEN T PR OC E S S
255 Establish a cyclical risk treatment process. TODO DONE N/A Risk treatment is a continuous cyclical
process. This cycle starts when you
256 Assess your chosen risk treatment option. TODO DONE N/A assess a risk treatment option and you
decide whether your residual risk level
is tolerable once your treatment has
257 Decide whether residual risk levels are tolerable TODO DONE N/A
been implemented. Whenever you
once risk treatments have been implemented. cannot tolerate your residual risk level,
you assess the effectiveness of new
258 Generate new risk treatment options whenever TODO DONE N/A risk treatment options. And thus the
you cannot tolerate your residual risk levels. cycle continues.
Risk treatment is a risk modification
259 Evaluate the effectiveness of TODO DONE N/A process. It involves selecting and
your new risk treatment options. implementing one or more treatment
options. Once a treatment has been
260 Consider your risk treatment options. TODO DONE N/A
implemented, it becomes a control
or it modifies existing controls. You
have many treatment options. You
261 Consider trying to avoid the risk. TODO DONE N/A
can avoid the risk, you can reduce
the risk, you can remove the source
262 Consider not starting the activity TODO DONE N/A of the risk, you can modify the
that gives rise to your risk. consequences, you can change the
probabilities, you can share the risk
263 Consider not continuing the activity TODO DONE N/A with others, you can simply retain the
that gives rise to your risk. risk, or you can even increase the
risk in order to pursue an opportunity.
264 Consider trying to reduce the risk. TODO DONE N/A While Part 5.5.1 does not actually
mention reducing, mitigating,
265 Consider trying to mitigate your risk. TODO DONE N/A preventing, and eliminating risk,
these risk treatment options are
266 Consider trying to prevent your risk. TODO DONE N/A mentioned in Part 2.25, above.
Thats why weve added them here.
267 Consider trying to eliminate your risk. TODO DONE N/A
268 Consider trying to remove the source of the risk. TODO DONE N/A
270 Consider trying to change the impact that TODO DONE N/A
consequences could have on your ability
to achieve objectives.
5. R IS K MA N A GE MEN T PR OC E S S
273 Consider trying to share the risk with others. TODO DONE N/A
274 Consider using contracts and risk financing TODO DONE N/A
to share the risk with other parties.
277 Consider enduring the risk if you need TODO DONE N/A
to pursue an important opportunity.
278 Select the most appropriate risk treatment options. TODO DONE N/A
280 Compare the cost with the benefit of TODO DONE N/A
implementing risk treatment measures.
282 Consider treating risks that cannot easily TODO DONE N/A
be justified on economic grounds but,
nevertheless, ought to be addressed.
283 Consider treating low probability risks that TODO DONE N/A
could have severe negative consequences.
284 Consider the new potential risks that your TODO DONE N/A
risk treatment options could introduce.
285 Consider the possibility that your chosen risk TODO DONE N/A
treatment could be ineffective or fail completely.
5. R IS K MA N A GE MEN T PR OC E S S
287 Consider the possibility that your chosen risk TODO DONE N/A
treatments could introduce new secondary risks.
288 Make sure that your risk treatments TODO DONE N/A
deal with these secondary risks.
289 Monitor and review your risk treatments TODO DONE N/A
to ensure that they also deal with these
secondary risks.
290 Identify, maintain, and monitor the link TODO DONE N/A
between primary and secondary risks.
295 Consider how risk treatment measures will be TODO DONE N/A
communicated and discussed with stakeholders.
297 Consider legal, regulatory, and other requirements TODO DONE N/A
when you make your risk treatment decisions.