Risk assessment

Risk assessments are the core of the risk management process. A risk assessment goes through three phases: identification, analysis, and evaluation¹.

• Risk identification includes finding and describing risks.
• Risk analysis involves careful research and conclusions about the risk rating for an individual risk.
• Risk evaluation determines whether a risk is tolerable or not in conjunction with the risk criteria and sets the path for a risk treatment plan.

ISO 31000 (2018), 6.4 Risk assessment. ↩︎