Risk:

"Effect of uncertainty on objectives." (ISO 31000 - 2009)

  

Risk Management: 

"Coordinated activities to direct and control an organization with regard to risk." (ISO 31000 - 2009)

 

"Risk management is a central part of any organisation’s strategic management. It is the process whereby organisations methodically address the risks attaching to their activities with the goal of achieving sustained benefit within each activity and across the portfolio of all activities." (IRM Standard 2002)

 *  *  *  * 

Enterprise Risk Management (ERM):

Risk Management Framework:

"Set of components that provide the foundations and organizational arrangements for designing, implementing, monitoring, reviewing and continually improving risk management throughout the organization." (ISO 31000 - 2009)

 

COSO Enterprise Risk Management – Integrated Framework, 2004:

The Committee of Sponsoring Organizations of the Treadway Commission (COSO)

“… a process, effected by an entity's board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risks to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.” (COSO ERM, 2004)

*  *  *  * 

Moreover, ISO 31000 - 2009 provides a rich risk management taxonomy covering the important risk expressions. This taxonomy appears in the Risk Management Dictionary part, which is available at the following URL: http://www.praxiom.com/iso-31000-terms.htm

 


Raida Mashal