Risk Management
Risk management means identifying, evaluating and prioritizing risks (defined in ISO 31000 as an effect of uncertainty on objectives), followed by a coordinated and economical application of resources to minimize, monitor and control the probability / impact of unfortunate events or to maximize opportunities .
The risk management standards have been developed by various institutions, including the Project Management Institute, the National Institute of Standards and Technology, and the ISO standards. The most common are SR EN 31010: 2010 and SR ISO 31000: 2018.
Risks can come from various sources, including uncertainty in financial markets, threats from project failures (at any stage in the design, development, production or sustaining of life cycles), legal obligations, credit risk, accidents, natural causes and disasters, deliberate attack from a competitor or events with an uncertain or unforeseeable cause.
There are two types of events: negative events can be classified as risks, while positive events can be classified as opportunities.
The methods, definitions and objectives vary widely depending on the risk management method, these being in the context of project management, security, engineering, industrial processes, financial portfolios, current assessments or public health and safety.
Threat management strategies (uncertainties with negative consequences) usually include avoiding the threat, reducing the negative effect or likelihood of the threat, transferring the threat in whole or in part to another and even keeping some or all of the potential or actual consequences of the threat. particular.
In ISO 31010: Risk assessment techniques, over 30 tools for setting the context, evaluating, treating, monitoring and selecting the risk treatment techniques, of which the most commonly used are Delphi technique, Bayes analysis, Monte analysis are presented -Carlo, Papion Analysis, HAZOP, HACCP, structured or semi-structured interviews.
Some risk management standards have been criticized for not improving risk measurement, while confidence in subjective estimates and decisions seems to increase.