The Risk Management plan should define how Risk Management is to be conducted throughout the organization. It must be developed
in a way that will ensure that Risk Management is embedded in all the organization’s important practices and business processes
so that it will become relevant, effective and efficient. The Risk Management plan may include specific sections for particular functions, areas, projects, activities or processes.
These sections may be separate plans but in all cases they should be consistent with the organization’s Risk Management strategy
(which includes specific RM policies per risk area or risk category).