risk management framework
riskihalduse karkass
definition
ISO Guide 73:
a set of components, an integral part of the organization's overall strategic and operational policies and practices, that establishes the foundations (i.e. policy, objectives, mandate, commitment) and the organizational arrangements (i.e. plans, relationships, accountabilities, resources, processes, activities) for designing, implementing, monitoring, reviewing and continually improving risk management
= set of components that provide the foundations and organizational arrangements for designing, implementing, monitoring, reviewing and continually improving risk management throughout the organization
Note 1. The foundations include the policy, objectives, mandate and commitment to manage risk.
Note 2. The organizational arrangements include plans, relationships, accountabilities, resources, processes and activities.
Note 3. The risk management framework is embedded within the organization's overall strategic and operational policies and practices.
examples
https://en.wikipedia.org/wiki/Risk_Management_Framework
https://assets.kpmg.com/content/dam/kpmg/ch/pdf/enterprise-wide-risk-management-framework-en.pdf
https://www.varonis.com/blog/risk-management-framework/
https://csrc.nist.gov/CSRC/media/Presentations/Next-Generation-Cybersecurity-and-Risk-Management/images-media/Ron%20Ross%20Keynote.pdf
https://csrc.nist.gov/projects/risk-management/about-rmf
https://www.globalpartnership.org/sites/default/files/document/file/2020-08-risk-management-framework-policy.pdf
https://dhs.sa.gov.au/__data/assets/pdf_file/0008/9782/risk-management-framework.pdf