Activity
A.2 Definition of internal environment
Definition of Scope and Framework
Description
Description
As in every significant business process, the most critical prerequisite is to understand the organization itself. Key areas that must be evaluated in order to provide a comprehensive view of the organization’s internal environment include key business drivers (e.g. market indicators, competitive advances, product attractiveness, etc.), the organization’s strengths, weaknesses, opportunities and threats, internal stakeholders, organization structure and culture, assets in terms of resources (such as people, systems, processes, capital etc), goals and objectives and the strategies already in place to achieve them.

Organisation
Responsible
Risk Manager
Accountable
Senior Management
Consulted
Domain Expert
Risk Owner
Input/Output
Input data
D51 Strategy on organization
D52 Desc. internal stakeholders
D53 Assets (resources)
D8 Applicable rules
Output data
D56 Desc. internal assets
D57 Desc. rel. BPs and assets
D58 List of strategies
D55 Desc. main processes
D59 Risk appetite or tolerance
D54 Desc. internal roles