• When defining the risk criteria: • Consider the organization and how it functions • When defining the risk criteria: • Consider the views of the organization’s stakeholders • When defining the risk criteria: • Consider the nature and type of causes • When defining the risk criteria: • Consider the consequences and impacts that could occur. • When defining the risk criteria: • Consider how likelihood or probability will be determined. • When defining the risk criteria: • Consider how the level of risk will be determined. • When defining the risk criteria: • Consider whether combinations of multiple risks should be taken into account. • When defining the risk criteria: • Review and periodically update the risk criteria. 5.3.5 ESTABLISH THE ORGANIZATION'S RISK CRITERIA
Made with FlippingBook - Share PDF online