In business terms, Risk Management as a process should provide a balance between (all kinds of) costs, benefits and opportunities.
Therefore, it is necessary to draw the appropriate framework and to correctly set the scope and boundaries of the Risk Management
process. Setting the Risk Management context involves defining the organization, process, project or activity (to be assessed) and
establishing its goals and objectives, duration of the project, activity or function, full scope of the Risk Management activities
to be carried out specifying any including inclusions and exclusions, roles and responsibilities of various parts of the organization
participating in the Risk Management process, dependencies between the project or activity and other projects or parts of
the organization.
Organisation
Responsible
Risk Manager
Accountable
Senior Management
Consulted
Risk Owner Domain Expert
Input/Output
Input data
D11 Assessment scope D10 Target object scope D9 Process dependencies D56 Desc. internal assets D12 Role defs. for assessment
Output data
D16 Org./proc. to be assessed D14 Role participants D15 Add. considered activities D13 Assessment plan add. infos