As defined in the International Organization of Standardization (ISO
31000). Risk Management is the identification, assessment, and prioritization of risks followed by coordinated and economical application of resources to minimize monitor and control the probability and/or impact of unfortunate events and to maximize the realization of opportunities. It is through risk management that risks to any specific program are assessed and systematically managed to reduce risk to an acceptable level. Risks can come from uncertainty in the financial market, project failures, legal liabilities. credit risks accidents, natural causes and disasters as well as deliberate attack from adversary, or events of uncertain or unpredictable root-cause.