【正文】 existence, nature, form, likelihood (), severity, evaluation, acceptability,treatment or other aspects of the management of 、性質(zhì)、形式、可能性、嚴(yán)重程度、評價、可接受性、處理或者其他與管理風(fēng)險相關(guān)的方面NOTE 2 Consultation is a twoway process of informed munication between an organization and its stakeholders or others on an issue prior to making a decision or determining a direction on a particular issue. Consultation is:協(xié)商是一個組織與它的利益相關(guān)者或其他利益相關(guān)者雙向溝通的過程，目的在于就以問題提前做出決策或就某一問題決定方向。 and通過影響而非權(quán)力影響決策的過程? an input to decision making, not joint decision [ISO Guide 73:2009, definition ]person or organization that can affect, be affected by, or perceive themselves to be affected by a decision or activity 可以影響、被影響或者覺得自己會被決策或者活動影響的個人或組織NOTE A decision maker can be a [ISO Guide 73:2009, definition ] assessment風(fēng)險評估overall process of risk identification (), risk analysis () and risk evaluation ()風(fēng)險識別，風(fēng)險分析和風(fēng)險評價的整個過程 [ISO Guide 73:2009, definition ] identification風(fēng)險識別process of finding, recognizing and describing risks ()發(fā)現(xiàn)、識別、描述風(fēng)險的過程NOTE 1 Risk identification involves the identification of risk sources (), events (), their causes and their potential consequences ().風(fēng)險識別包括風(fēng)險源的識別、風(fēng)險事件的識別、風(fēng)險原因及潛在后果的識別NOTE 2 Risk identification can involve historical data, theoretical analysis, informed and expert opinions, and stakeholder39。 instead, the equivalent of the term “probability” is often used. However, in English, “probability” is often narrowly interpreted as a mathematical term. Therefore, in risk management terminology, “l(fā)ikelihood” is used with the intent that it should have the same broad interpretation as the term “probability” has in many languages other than English.英文“可能性”在有些語言中沒有直接對應(yīng)，而同義詞“概率”經(jīng)常被使用。因此，在風(fēng)險管理術(shù)語中，“可能性”，被富有同非英語國家的“概率”同樣的廣義解釋。通過避開或停止可以產(chǎn)生風(fēng)險的活動避免風(fēng)險? taking or increasing risk in order to pursue an opportunity。消除風(fēng)險源? changing the likelihood ()。改變后果? sharing the risk with another party or parties (including contracts and risk financing)。a) Risk management creates and protects Risk management contributes to the demonstrable achievement of objectives and improvement of performance in, for example, human health and safety, security, legal and regulatory pliance, public acceptance, environmental protection, product quality, project management, efficiency in operations,governance and reputation.風(fēng)險管理有助于目標(biāo)達成和績效的明顯改善，例如，人類健康和安全，保安，法律和法規(guī)遵從性，公眾接受性，環(huán)保，產(chǎn)品質(zhì)量，項目管理，運營效率，治理和聲譽。風(fēng)險管理是管理的一部分，是組織流程如戰(zhàn)略規(guī)劃、所有項目、變更管理流程的組成部分，包括。d) Risk management explicitly addresses Risk management explicitly takes account of uncertainty, the nature of that uncertainty, and how it can be addressed.風(fēng)險管理明確的考慮到不確定性及這種不確定性的性質(zhì)，以及如何加以解決。f) Risk management is based on the best available The inputs to the process of managing risk are based on information sources such as historical data,experience, stakeholder feedback, observation, forecasts and expert judgement. However, decision makers should inform themselves of, and should take into account, any limitations of the data or modelling used or the possibility of divergence among experts.風(fēng)險管理流程的輸入基于信息資源，如歷史數(shù)據(jù)，經(jīng)驗，利益相關(guān)者的反饋，觀察，預(yù)測和專家判斷。g) Risk management is Risk management is aligned with the organization39。h) Risk management takes human and cultural factors into Risk management recognizes the capabilities, perceptions and intentions of external and internal people that can facilitate or hinder achievement of the organization39。i) Risk management is transparent and Appropriate and timely involvement of stakeholders and, in particular, decision makers at all levels of the organization, ensures that risk management remains relevant and uptodate. Involvement also allows stakeholders to be properly represented and to have their views taken into account in determining risk criteria.及時的、適當(dāng)?shù)奈绽嫦嚓P(guān)者，尤其是組織各層面的決策者參與風(fēng)險管理，確保風(fēng)險管理是相關(guān)的和跟得上形式的。j) Risk management is dynamic, iterative and responsive to ，迭代的和適應(yīng)環(huán)境變遷 As external and internal events occur, context and knowledge change, monitoring and review take place,new risks emerge, some change, and others disappear. Therefore, risk management continually senses and responds to change.由于外部和內(nèi)部事情的發(fā)生時，環(huán)境和知識在改變，監(jiān)測和審查過程中，新的風(fēng)險出現(xiàn)，一些風(fēng)險在改變，而另一些風(fēng)險消失了。k) Risk management facilitates continual improvement of the Organizations should develop and implement strategies to improve their risk management maturity alongside all other aspects of their organization.Annex A provides further advice for organizations wishing to manage risk more effectively.組織應(yīng)制訂和實施戰(zhàn)略，以改善組織各個方面的風(fēng)險管理的成熟。4 Framework框架 General概述The success of risk management will depend on the effectiveness of the management framework providing the foundations and arrangements that will embed it throughout the organization at all levels. 風(fēng)險管理的成功取決于管理框架的有效性，這個框架提供基礎(chǔ)和安排并使其嵌入到組織的各個層級。該框架確保在流程中派生出來的風(fēng)險信息得以適當(dāng)?shù)膱蟾?，并將其用來做出決策和使組織相關(guān)層級保持職責(zé)相關(guān)。Figure 2 — Relationship between the ponents of the framework for managing risk風(fēng)險管理框架中各組成部分的關(guān)系This framework is not intended to prescribe a management system, but rather to assist the organization to integrate risk management into its overall management system. Therefore, organizations should adapt the ponents of the framework to their specific needs.本框架并非規(guī)定一個管理系統(tǒng)，目的在于協(xié)助組織將風(fēng)險管理與其整個管理系統(tǒng)相整合。If an organization39。 Mandate and mitment任務(wù)和承諾The introduction of risk management and ensuring its ongoing effectiveness require strong and sustained mitment by management of the organization, as well as strategic and rigorous planning to achieve mitment at all levels. Management should:風(fēng)險管理的引進和確保其持續(xù)有效都需要組織的管理層強有力的、持續(xù)的承諾，以及嚴(yán)格的戰(zhàn)略規(guī)劃，實現(xiàn)組織各級成員的認(rèn)同感。制定風(fēng)險管理政策? ensure that the organization39。確保組織文化和風(fēng)險管理政策相一致? determine risk management performance indicators that align with performance indicators of the organization。使風(fēng)險管理目標(biāo)與組織目標(biāo)和戰(zhàn)略相一致? ensure legal and regulatory pliance。? ensure that the necessary resources are allocated to risk management。 and協(xié)調(diào)風(fēng)險管理利益相關(guān)者之間的利益? ensure that the framework for managing risk continues to remain appropriate. 確保風(fēng)險管理框架穩(wěn)步進行