RISK CRITERIA • Risk criteria are terms of reference and are used to evaluate the significance or importance of an organization’s risks. • They are used to determine whether a specified level of risk is acceptable or tolerable. • Risk criteria should reflect the organization’s values, policies, and objectives, should be based on its external and internal context, should consider the views of stakeholders, and should be derived from standards, laws, policies, and other requirements.
Made with FlippingBook - Share PDF online