【文章內(nèi)容簡介】 all strategic and operational policies and [ISO Guide 73:2009, definition ] management policy風(fēng)險管理政策statement of the overall intentions and direction of an organization related to risk management () 一個組織對風(fēng)險管理的意圖和指導(dǎo)方向的陳述[ISO Guide 73:2009, definition ] attitude風(fēng)險態(tài)度organization39。s approach to assess and eventually pursue, retain, take or turn away from risk ()組織評估、追求、保留、采取或避開風(fēng)險的處理手段[ISO Guide 73:2009, definition ] appetite風(fēng)險偏好amount and type of risk () that an organization is prepared to pursue, retain or take一個組織追求、保留或采取風(fēng)險的數(shù)量和類型[ISO Guide 73:2009, definition ] aversion風(fēng)險規(guī)避attitude to turn away from risk ()避開風(fēng)險的態(tài)度[ISO Guide 73:2009, definition ] management plan風(fēng)險管理計劃scheme within the risk management framework () specifying the approach, the management ponents and resources to be applied to the management of risk ()為風(fēng)險管理框架方案指定方法、管理措施、資源以用于管理風(fēng)險NOTE 1 Management ponents typically include procedures, practices, assignment of responsibilities, sequence and timing of 、做法、職責(zé)分配、序列和及時的行動NOTE 2 The risk management plan can be applied to a particular product, process and project, and part or whole of the 、流程和項(xiàng)目、部分或整個組織 [ISO Guide 73:2009, definition ] owner風(fēng)險所有者person or entity with the accountability and authority to manage the risk ()對風(fēng)險管理持有權(quán)力和責(zé)任的個人或?qū)嶓w[ISO Guide 73:2009, definition ] management process風(fēng)險管理流程systematic application of management policies, procedures and practices to the activities of municating,consulting, establishing the context, and identifying, analyzing, evaluating, treating, monitoring () and reviewing risk ()系統(tǒng)的應(yīng)用管理政策，程序和溝通協(xié)商，在建立的風(fēng)險管理環(huán)境下，識別，分析，評價，處理，監(jiān)測和審查風(fēng)險[ISO Guide 73:2009, definition ] the context環(huán)境建設(shè)defining the external and internal parameters to be taken into account when managing risk, and setting the scope and risk criteria () for the risk management policy ()界定風(fēng)險管理應(yīng)該考慮的外部和內(nèi)部參數(shù)，并設(shè)置風(fēng)險管理政策的范圍和風(fēng)險的標(biāo)準(zhǔn)[ISO Guide 73:2009, definition ] external context外部環(huán)境external environment in which the organization seeks to achieve its objectivesNOTE External context can include:外部環(huán)境包括? the cultural, social, political, legal, regulatory, financial, technological, economic, natural and petitive environment,whether international, national, regional or local。文化、社會、政治、法律、監(jiān)管、財政金融、技術(shù)、經(jīng)濟(jì)、自然和競爭環(huán)境，無論是國際，國家，區(qū)域或地方? key drivers and trends having impact on the objectives of the organization。 and影響該組織的主要驅(qū)動和趨勢? relationships with, and perceptions and values of, external stakeholders ().與外部利益相關(guān)者之間的關(guān)系和價值觀[ISO Guide 73:2009, definition ] context內(nèi)部環(huán)境internal environment in which the organization seeks to achieve its objectivesNOTE Internal context can include:內(nèi)部環(huán)境包括? governance, organizational structure, roles and accountabilities。治理、組織結(jié)構(gòu)、角色和責(zé)任? policies, objectives, and the strategies that are in place to achieve them。政策、目標(biāo)、實(shí)現(xiàn)目標(biāo)的戰(zhàn)略? the capabilities, understood in terms of resources and knowledge (. capital, time, people, processes, systems and technologies)。能力、資源和知識（如資本、時間、人、流程、系統(tǒng)和技術(shù)）? perceptions and values of internal stakeholders。內(nèi)部利益相關(guān)者的價值觀? information systems, information flows and decisionmaking processes (both formal and informal)。信息系統(tǒng)、信息流和（正式的和非正式的）決策流程? relationships with, and perceptions and values of, internal stakeholders。內(nèi)部利益相關(guān)者價值觀之間的關(guān)系? the organization39。s culture。組織文化? standards, guidelines and models adopted by the organization。 and標(biāo)準(zhǔn)、指引和組織采用的模式? form and extent of contractual [ISO Guide 73:2009, definition ] and consultation溝通和協(xié)商continual and iterative processes that an organization conducts to provide, share or obtain information and to engage in dialogue with stakeholders () and others regarding the management of risk ()一個組織提供，共享或獲取信息，與利益相關(guān)者和其他風(fēng)險管理者持續(xù)和反復(fù)對話的流程N(yùn)OTE 1 The information can relate to the existence, nature, form, likelihood (), severity, evaluation, acceptability,treatment or other aspects of the management of 、性質(zhì)、形式、可能性、嚴(yán)重程度、評價、可接受性、處理或者其他與管理風(fēng)險相關(guān)的方面NOTE 2 Consultation is a twoway process of informed munication between an organization and its stakeholders or others on an issue prior to making a decision or determining a direction on a particular issue. Consultation is:協(xié)商是一個組織與它的利益相關(guān)者或其他利益相關(guān)者雙向溝通的過程，目的在于就以問題提前做出決策或就某一問題決定方向。協(xié)商是：? a process which impacts on a decision through influence rather than power。 and通過影響而非權(quán)力影響決策的過程? an input to decision making, not joint decision [ISO Guide 73:2009, definition ]person or organization that can affect, be affected by, or perceive themselves to be affected by a decision or activity 可以影響、被影響或者覺得自己會被決策或者活動影響的個人或組織NOTE A decision maker can be a [ISO Guide 73:2009, definition ] assessment風(fēng)險評估overall process of risk identification (), risk analysis () and risk evaluation ()風(fēng)險識別，風(fēng)險分析和風(fēng)險評價的整個過程 [ISO Guide 73:2009, definition ] identification風(fēng)險識別process of finding, recognizing and describing risks ()發(fā)現(xiàn)、識別、描述風(fēng)險的過程N(yùn)OTE 1 Risk identification involves the identification of risk sources (), events (), their causes and their potential consequences ().風(fēng)險識別包括風(fēng)險源的識別、風(fēng)險事件的識別、風(fēng)險原因及潛在后果的識別NOTE 2 Risk identification can involve historical data, theoretical analysis, informed and expert opinions, and stakeholder39。s () 、技術(shù)分析、知情人、專家和利益相關(guān)者的意見[ISO Guide 73:2009, definition ] source風(fēng)險源element which alone or in bination has the intrinsic potential to give rise to risk ()單獨(dú)或聯(lián)合具有內(nèi)在的潛在引起危險的因素NOTE A risk source can be tangible or [ISO Guide 73:2009, definition ]occurrence or change of a particular set of circumstances特別環(huán)境的產(chǎn)生或者變化NOTE 1 An event can be one or more occurrences, and can have several ，并且會有多種原因NOTE 2 An event can consist of something not NOTE 3 An event can sometimes be referred to as an “incident” or “accident”.一個事件有時被稱為“偶然事件”或“事故”NOTE 4 An event without consequences can also be referred to as a “near miss”, “incident”, “near hit” or “close call”.一個不會產(chǎn)生后果的事件可以被稱為“近乎為零”、“偶然事件”、“near hit” or “close call”[ISO Guide 73:2009, definition ]oute of an event () affecting objectives事件對目標(biāo)的影響結(jié)果NOTE 1