(ISO: Geneva) -- Two recently published ISO standards on risk management have just been joined by a third on risk assessment techniques. Together, they provide organizations of all types with a well-stocked toolbox for tackling situations that could affect the achievement of their objectives.

ISO/IEC 31010:2009—“Risk management—Risk assessment techniques,” has been developed jointly by ISO and its partner, the International Electrotechnical Commission (IEC).

Risks affecting organizations may have consequences in terms of environmental, technological, safety, and security outcomes, as well as social, cultural, and political influence.

When risks occur, organizations always have to ask the question, “Is the level of risk tolerable or acceptable; and does it require further treatment?"

Risk assessment is an integral part of risk management, which provides a structured process for organizations to identify how objectives may be affected. It is used to analyze the risk in terms of consequences and their probabilities, before the organization decides whether further treatment is required.

 …