風(fēng)險(xiǎn)管理最終發(fā)布版中文翻譯稿ISO3100風(fēng)險(xiǎn)管理標(biāo)準(zhǔn)

1、iso/fdis 31000:2009(e)iv iso 2009 all rights reservedinternational standard iso/fdis31000risk management principles and guidelinesforeword前言iso (the international organization for standardization) is a worldwide federation of national standards bodies(iso member bodies). the work of preparing intern

2、ational standards is normally carried out through iso technical committees. each member body interested in a subject for which a technical committee has been established has the right to be represented on that committee. international organizations, governmental andnot-governmental, in liaison with

3、iso, also take part in the work. iso collaborates closely with theinternational electrotechnical commission (iec) on all matters of electrotechnical standardization.國際標(biāo)準(zhǔn)化組織（iso）是各國標(biāo)準(zhǔn)化團(tuán)體（iso成員團(tuán)體）組成的世界性的聯(lián)合匯。制定國際標(biāo)準(zhǔn)工作通常由iso的技術(shù)委員會(huì)完成。個(gè)成員團(tuán)體若對某技術(shù)委員會(huì)確定的項(xiàng)目感興趣，均由權(quán)參加該委員會(huì)的工作。與iso保持聯(lián)系的各國際組織（官方的或非官方的）也可參加有關(guān)工作。iso與

4、國際電工委員會(huì)（iec）在電工技術(shù)標(biāo)準(zhǔn)化方面保持密切合作的關(guān)系。international standards are drafted in accordance with the rules given in the iso/iec directives, part 2.國際標(biāo)準(zhǔn)是根據(jù)iso/iec導(dǎo)則第2部分的規(guī)則起草的。the main task of technical committees is to prepare international standards. draft international standards adopted by the technical comm

5、ittees are circulated to the member bodies for voting. publication as an international standard requires approval by at least 75 % of the member bodies casting a vote.由技術(shù)委員會(huì)通過的國際標(biāo)準(zhǔn)草案提交各成員團(tuán)體投票表決，需取得了至少3/4參加表決的成員團(tuán)體的同意，國際標(biāo)準(zhǔn)草案才能作為國際標(biāo)準(zhǔn)證實(shí)發(fā)布。attention is drawn to the possibility that some of the elements o

6、f this document may be the subject of patent rights. iso shall not be held responsible for identifying any or all such patent rights.本標(biāo)準(zhǔn)中的某些內(nèi)容有可能涉及一些專利權(quán)問題，這一點(diǎn)應(yīng)引起注意，iso不負(fù)責(zé)識(shí)別任何這樣的專利權(quán)問題。iso 31000 was prepared by the iso technical management board working group on risk management.iso 31000由iso技術(shù)管理委員會(huì)風(fēng)險(xiǎn)管

7、理工作組編寫。introduction簡介organizations of all types and sizes face internal and external factors and influences that make it uncertain whether and when they will achieve their objectives. the effect this uncertainty has on an organizations objectives is “risk”.所有類型和規(guī)模的組織都面臨內(nèi)部和外部因素的影響，使得它不能確定是否及何時(shí)實(shí)現(xiàn)其目標(biāo)。這

8、種對一個(gè)組織的目標(biāo)影響的不確定性既是“風(fēng)險(xiǎn)”。all activities of an organization involve risk. organizations manage risk by identifying it, analysing it and then evaluating whether the risk should be modified by risk treatment in order to satisfy their risk criteria.一個(gè)組織的所有活動(dòng)都涉及風(fēng)險(xiǎn)。組織通過識(shí)別、分析、評價(jià)風(fēng)險(xiǎn)以及處理風(fēng)險(xiǎn)，以滿足他們的風(fēng)險(xiǎn)標(biāo)準(zhǔn)。throughout

9、 this process, they communicate and consult with stakeholders and monitor and review the risk and the controls that are modifying the risk in order to ensure that no further risk treatment is required. this international standard describes this systematic and logical process in detail.在這個(gè)過程中，他們與利益相關(guān)

10、者溝通協(xié)商，監(jiān)測和審查風(fēng)險(xiǎn)控制，并不斷的修正風(fēng)險(xiǎn)，以確保風(fēng)險(xiǎn)處理不再是必需的。本標(biāo)準(zhǔn)詳細(xì)描述了這一系統(tǒng)的和符合邏輯的過程。while all organizations manage risk to some degree, this international standard establishes a number of principles that need to be satisfied to make risk management effective. this international standard recommends that organizations devel

11、op, implement and continuously improve a framework whose purpose is to integrate the process for managing risk into the organizations overall governance, strategy and planning,management, reporting processes, policies, values and culture.盡管所有的組織在某種程度上都在管理風(fēng)險(xiǎn)，本標(biāo)準(zhǔn)規(guī)定了一些原則，以使風(fēng)險(xiǎn)管理變得有效。本標(biāo)準(zhǔn)建議，組織制定，實(shí)施和不斷完善的框

12、架，其目的是將風(fēng)險(xiǎn)管理納入到組織的治理，戰(zhàn)略和規(guī)劃，管理，報(bào)告程序，政策，價(jià)值觀和文化等綜合管理的整個(gè)過程。risk management can be applied to an entire organization, at its many areas and levels, at any time, as well as to specific functions, projects and activities.風(fēng)險(xiǎn)管理可以應(yīng)用到整個(gè)組織，它的許多領(lǐng)域和層次，在任何時(shí)間，以及具體職能，項(xiàng)目和活動(dòng)。although the practice of risk management has

13、 been developed over time and within many sectors in order to meet diverse needs, the adoption of consistent processes within a comprehensive framework can help to ensure that risk is managed effectively, efficiently and coherently across an organization. the generic approach described in this inter

14、national standard provides the principles and guidelines for managing any form of risk in a systematic, transparent and credible manner and within any scope and context.盡管在過去這段時(shí)間內(nèi)的許多部門，以滿足不同的需要的風(fēng)險(xiǎn)管理的做法是成熟的，但是通過采用一致性流程的綜合框架有助于確保風(fēng)險(xiǎn)管理的有效性，并且有效和連貫整個(gè)組織。在本標(biāo)準(zhǔn)規(guī)定的一般性的原則和方針，目的在于在任何的環(huán)境和背景下，系統(tǒng)的、清晰的、可靠的方式管理風(fēng)險(xiǎn)。ea

15、ch specific sector or application of risk management brings with it individual needs, audiences, perceptions and criteria. therefore, a key feature of this international standard is the inclusion of “establishing the context” as an activity at the start of this generic risk management process. estab

16、lishing the context will capture the objectives of the organization, the environment in which it pursues those objectives, its stakeholders and the diversity of risk criteria all of which will help reveal and assess the nature and complexity of its risks.每一個(gè)具體部門或風(fēng)險(xiǎn)管理的應(yīng)用都產(chǎn)生了獨(dú)自的需要，受眾，觀念和標(biāo)準(zhǔn)。因此，這一國際標(biāo)準(zhǔn)的主

17、要特點(diǎn)是將風(fēng)險(xiǎn)管理“環(huán)境建設(shè)”列入其管理過程的開始活動(dòng)。環(huán)境建設(shè)方面將捕獲該組織的目標(biāo)，它所追求目標(biāo)的環(huán)境，它的利益相關(guān)者和風(fēng)險(xiǎn)標(biāo)準(zhǔn)的多樣性，所有這些都將幫助揭示和評估風(fēng)險(xiǎn)的性質(zhì)和復(fù)雜性。the relationship between the principles for managing risk, the framework in which it occurs and the risk management process described in this international standard are shown in figure 1.本標(biāo)準(zhǔn)描述了風(fēng)險(xiǎn)管理的原則、框架、風(fēng)險(xiǎn)

18、管理的流程之間的關(guān)系，如圖1所示。when implemented and maintained in accordance with this international standard, the management of risk enables an organization to, for example:當(dāng)按照這一國際標(biāo)準(zhǔn)實(shí)施和維護(hù)時(shí)，風(fēng)險(xiǎn)的管理者需使一個(gè)組織加強(qiáng)，例如： increase the likelihood of achieving objectives; 增加實(shí)現(xiàn)目標(biāo)的可能性 encourage proactive management; 鼓勵(lì)主動(dòng)性管理; be a

19、ware of the need to identify and treat risk throughout the organization; 在組織中，意識(shí)到識(shí)別和對待風(fēng)險(xiǎn)的需要; improve the identification of opportunities and threats; 提高的機(jī)會(huì)和威脅識(shí)別能力 comply with relevant legal and regulatory requirements and international norms; 符合有關(guān)法律及監(jiān)管要求和國際規(guī)范 improve financial reporting; 改進(jìn)財(cái)務(wù)報(bào)告 impr

20、ove governance; 改善治理 improve stakeholder confidence and trust; 提高利益相關(guān)者的信心和信任 establish a reliable basis for decision making and planning; 建立決策和規(guī)劃提供可靠的根基 improve controls;加強(qiáng)控制 effectively allocate and use resources for risk treatment; 有效地分配和使用資源處理風(fēng)險(xiǎn) improve operational effectiveness and efficiency;提高

21、運(yùn)營的效果和效率 enhance health and safety performance, as well as environmental protection; 加強(qiáng)健康和安全業(yè)績，以及環(huán)境的保護(hù); improve loss prevention and incident management; 改善防損和事件管理 minimize losses; 減少損失 improve organizational learning; and提高組織的學(xué)習(xí)能力 improve organizational resilience. 提高組織的應(yīng)變能力this international standa

22、rd is intended to meet the needs of a wide range of stakeholders, including: 本標(biāo)準(zhǔn)是為了滿足廣大利益相關(guān)者需要，包括：a) those responsible for developing risk management policy within their organization;a）開發(fā)者對其機(jī)構(gòu)內(nèi)的風(fēng)險(xiǎn)管理政策負(fù)責(zé);b) those accountable for ensuring that risk is effectively managed within the organization as a w

23、hole or within a specific area, project or activity;b）有人對組織作為一個(gè)整體、或者某一特定范圍、項(xiàng)目或者活動(dòng)的風(fēng)險(xiǎn)管理的有效性負(fù)責(zé);c) those who need to evaluate an organization effectiveness in managing risk; andc）有人需要對風(fēng)險(xiǎn)管理評估的有效性負(fù)責(zé);和d) developers of standards, guides, procedures and codes of practice that, in whole or in part, set out h

24、ow risk is to be managed within the specific context of these documents.d）標(biāo)準(zhǔn)，指南，程序和守則的開發(fā)者，應(yīng)該對在特定的環(huán)境下風(fēng)險(xiǎn)管理整體的或部分的文件得以實(shí)施負(fù)責(zé)；the current management practices and processes of many organizations include components of risk management, and many organizations have already adopted a formal risk management pro

25、cess for particular types of risk or circumstances. in such cases, an organization can decide to carry out a critical review of its existing practices and processes in the light of this international standard.目前許多組織的管理實(shí)踐和流程包括風(fēng)險(xiǎn)管理的組成部分，并且許多組織對特殊類型的風(fēng)險(xiǎn)或環(huán)境下已經(jīng)采用了正式的風(fēng)險(xiǎn)管理流程。在這種情況下，組織可以在本標(biāo)準(zhǔn)下開展對其現(xiàn)有的做法和程序嚴(yán)格審查

26、。in this international standard, the expressions “risk management” and “managing risk” are both used. in general terms, “risk management” refers to the architecture (principles, framework and process) for managing risks effectively, while “managing risk” refers to applying that architecture to parti

27、cular risks.在本國際標(biāo)準(zhǔn)中，“風(fēng)險(xiǎn)管理”和“管理風(fēng)險(xiǎn)”同時(shí)使用。一般來說，“風(fēng)險(xiǎn)管理”是指管理風(fēng)險(xiǎn)的有效性架構(gòu)（原則，框架和流程），而“管理風(fēng)險(xiǎn)”是指運(yùn)用該架構(gòu)管理特定風(fēng)險(xiǎn)。39figure 1 relationships between the risk management principles, framework and processrisk management principles and guidelines風(fēng)險(xiǎn)管理-原則和指導(dǎo)方針1 scope范圍this international standard provides principles and generic

28、 guidelines on risk management.本標(biāo)準(zhǔn)提供了風(fēng)險(xiǎn)管理的原則和一般準(zhǔn)則。this international standard can be used by any public, private or community enterprise, association, group or individual. therefore, this international standard is not specific to any industry or sector.本標(biāo)準(zhǔn)可用于任何公共，私人或社區(qū)組織，協(xié)會(huì)，團(tuán)體或個(gè)體。因此，這個(gè)國際標(biāo)準(zhǔn)是不針對特殊行業(yè)或部

29、門。note for convenience, all the different users of this international standard are referred to by the general term “organization”.為方便起見，本國際標(biāo)準(zhǔn)提到的所有不同的用戶通用術(shù)語為“組織”。this international standard can be applied throughout the life of an organization, and to a wide range of activities, including strategies

30、and decisions, operations, processes, functions, projects, products, services and assets.本標(biāo)準(zhǔn)可用于整個(gè)組織生活及各種活動(dòng)，包括戰(zhàn)略和決策，運(yùn)營，流程，職能，范圍廣泛的項(xiàng)目，產(chǎn)品，服務(wù)和資產(chǎn)。this international standard can be applied to any type of risk, whatever its nature, whether having positive or negative consequences.本標(biāo)準(zhǔn)可以適用于任何類型的風(fēng)險(xiǎn)，無論其性質(zhì)是否有積

31、極或消極的后果。although this international standard provides generic guidelines, it is not intended to promote uniformity of risk management across organizations. the design and implementation of risk management plans and frameworks will need to take into account the varying needs of a specific organizatio

32、n, its particular objectives,context, structure, operations, processes, functions, projects, products, services, or assets and specific practices employed.盡管本國際標(biāo)準(zhǔn)提供了風(fēng)險(xiǎn)管理的一般準(zhǔn)則，但不是為了促進(jìn)各組織風(fēng)險(xiǎn)管理的統(tǒng)一性。設(shè)計(jì)和風(fēng)險(xiǎn)管理計(jì)劃和框架的實(shí)施需要考慮到特定組織的不同需要，具體做法受其特定的目標(biāo)，環(huán)境，結(jié)構(gòu)，業(yè)務(wù)，流程，功能，項(xiàng)目，產(chǎn)品，服務(wù)或資產(chǎn)等影響。it is intended that this internati

33、onal standard be utilized to harmonize risk management processes in existing and future standards. it provides a common approach in support of standards dealing with specific risks and/or sectors, and does not replace those standards.本國際標(biāo)準(zhǔn)目的是用來協(xié)調(diào)風(fēng)險(xiǎn)管理與現(xiàn)有的和未來的標(biāo)準(zhǔn)之間的流程。它提供了一個(gè)支持處理特定風(fēng)險(xiǎn)和/或部分風(fēng)險(xiǎn)的通用方法，而不是取代這些

34、標(biāo)準(zhǔn)。this international standard is not intended for the purpose of certification.本標(biāo)準(zhǔn)不適合認(rèn)證目的。 2 terms and definitions術(shù)語和定義for the purposes of this document, the following terms and definitions apply.下列術(shù)語和定義適用本文件。2.1risk 風(fēng)險(xiǎn)effect of uncertainty on objectives不確定性對目標(biāo)的影響note 1 an effect is a deviation fro

35、m the expected positive and/or negative.注1：影響是與預(yù)期的偏差積極和/或消極note 2 objectives can have different aspects (such as financial, health and safety, and environmental goals) and can apply at different levels (such as strategic, organization-wide, project, product and process).注2：目標(biāo)可以有不同方面（如財(cái)務(wù)，健康和安全，以及環(huán)境目標(biāo)

36、），可以體現(xiàn)在不同的層次（如戰(zhàn)略，組織范圍，項(xiàng)目，產(chǎn)品和流程）。note 3 risk is often characterized by reference to potential events (2.19) and consequences (2.20), or a combination of these.注3：風(fēng)險(xiǎn)通常被描述為潛在事件（2.19）和后果（2.20），或它們的組合。note 4 risk is often expressed in terms of a combination of the consequences of an event (including chan

37、ges in circumstances) and the associated likelihood (2.21) of occurrence.注4：風(fēng)險(xiǎn)往往表達(dá)了對事件后果（包括環(huán)境的變化）和相關(guān)的可能性概率（2.21）。note 5 uncertainty is the state, even partial, of deficiency of information related to, understanding or knowledge of an event, its consequence, or likelihood.iso guide 73:2009, definitio

38、n 1.12.2risk management風(fēng)險(xiǎn)管理coordinated activities to direct and control an organization with regard to risk (2.1)一個(gè)組織對風(fēng)險(xiǎn)的指揮和控制的一系列協(xié)調(diào)活動(dòng)iso guide 73:2009, definition 2.12.3risk management framework風(fēng)險(xiǎn)管理框架set of components that provide the foundations and organizational arrangements for designing, imple

39、menting,monitoring (2.30), reviewing and continually improving risk management (2.2) throughout the organization 組織對風(fēng)險(xiǎn)管理的設(shè)計(jì)、實(shí)施、監(jiān)控、檢查和持續(xù)改進(jìn)等進(jìn)行的一系列基礎(chǔ)的組織安排note 1 the foundations include the policy, objectives, mandate and commitment to manage risk (2.1).基礎(chǔ)包括管理風(fēng)險(xiǎn)的政策、目標(biāo)、任務(wù)和承諾note 2 the organizational arra

40、ngements include plans, relationships, accountabilities, resources, processes and activities.組織安排包括計(jì)劃、關(guān)系、職責(zé)、資源、流程和活動(dòng)note 3 the risk management framework is embedded within the organizations overall strategic and operational policies and practices.風(fēng)險(xiǎn)管理框架被植入到組織的整個(gè)戰(zhàn)略和運(yùn)營的戰(zhàn)略和實(shí)踐中iso guide 73:2009, definit

41、ion 2.1.12.4risk management policy風(fēng)險(xiǎn)管理政策statement of the overall intentions and direction of an organization related to risk management (2.2) 一個(gè)組織對風(fēng)險(xiǎn)管理的意圖和指導(dǎo)方向的陳述iso guide 73:2009, definition 2.1.22.5risk attitude風(fēng)險(xiǎn)態(tài)度organizations approach to assess and eventually pursue, retain, take or turn away f

42、rom risk (2.1)組織評估、追求、保留、采取或避開風(fēng)險(xiǎn)的處理手段iso guide 73:2009, definition 3.7.1.12.6risk appetite風(fēng)險(xiǎn)偏好amount and type of risk (2.1) that an organization is prepared to pursue, retain or take一個(gè)組織追求、保留或采取風(fēng)險(xiǎn)的數(shù)量和類型iso guide 73:2009, definition 3.7.1.22.7risk aversion風(fēng)險(xiǎn)規(guī)避attitude to turn away from risk (2.1)避開風(fēng)險(xiǎn)

43、的態(tài)度iso guide 73:2009, definition 3.7.1.42.8risk management plan風(fēng)險(xiǎn)管理計(jì)劃scheme within the risk management framework (2.3) specifying the approach, the management components and resources to be applied to the management of risk (2.1)為風(fēng)險(xiǎn)管理框架方案指定方法、管理措施、資源以用于管理風(fēng)險(xiǎn)note 1 management components typically incl

44、ude procedures, practices, assignment of responsibilities, sequence and timing of activities.管理措施一般包括程序、做法、職責(zé)分配、序列和及時(shí)的行動(dòng)note 2 the risk management plan can be applied to a particular product, process and project, and part or whole of the organization.風(fēng)險(xiǎn)管理計(jì)劃適用于特定的產(chǎn)品、流程和項(xiàng)目、部分或整個(gè)組織 iso guide 73:2009, d

45、efinition 2.1.32.9risk owner風(fēng)險(xiǎn)所有者person or entity with the accountability and authority to manage the risk (2.1)對風(fēng)險(xiǎn)管理持有權(quán)力和責(zé)任的個(gè)人或?qū)嶓wiso guide 73:2009, definition 3.5.1.42.10risk management process風(fēng)險(xiǎn)管理流程systematic application of management policies, procedures and practices to the activities of communi

46、cating,consulting, establishing the context, and identifying, analyzing, evaluating, treating, monitoring (2.30) and reviewing risk (2.1)系統(tǒng)的應(yīng)用管理政策，程序和溝通協(xié)商，在建立的風(fēng)險(xiǎn)管理環(huán)境下，識(shí)別，分析，評價(jià)，處理，監(jiān)測和審查風(fēng)險(xiǎn)iso guide 73:2009, definition 3.12.11establishing the context環(huán)境建設(shè)defining the external and internal parameters to

47、be taken into account when managing risk, and setting the scope and risk criteria (2.24) for the risk management policy (2.4)界定風(fēng)險(xiǎn)管理應(yīng)該考慮的外部和內(nèi)部參數(shù)，并設(shè)置風(fēng)險(xiǎn)管理政策的范圍和風(fēng)險(xiǎn)的標(biāo)準(zhǔn)iso guide 73:2009, definition 3.3.12.12 external context外部環(huán)境external environment in which the organization seeks to achieve its objectives

48、note external context can include:外部環(huán)境包括 the cultural, social, political, legal, regulatory, financial, technological, economic, natural and competitive environment,whether international, national, regional or local;文化、社會(huì)、政治、法律、監(jiān)管、財(cái)政金融、技術(shù)、經(jīng)濟(jì)、自然和競爭環(huán)境，無論是國際，國家，區(qū)域或地方 key drivers and trends having impac

49、t on the objectives of the organization; and影響該組織的主要驅(qū)動(dòng)和趨勢 relationships with, and perceptions and values of, external stakeholders (2.15).與外部利益相關(guān)者之間的關(guān)系和價(jià)值觀iso guide 73:2009, definition 3.3.1.12.13internal context內(nèi)部環(huán)境internal environment in which the organization seeks to achieve its objectivesnote i

50、nternal context can include:內(nèi)部環(huán)境包括 governance, organizational structure, roles and accountabilities;治理、組織結(jié)構(gòu)、角色和責(zé)任 policies, objectives, and the strategies that are in place to achieve them;政策、目標(biāo)、實(shí)現(xiàn)目標(biāo)的戰(zhàn)略 the capabilities, understood in terms of resources and knowledge (e.g. capital, time, people, pro

51、cesses, systems and technologies);能力、資源和知識(shí)（如資本、時(shí)間、人、流程、系統(tǒng)和技術(shù)） perceptions and values of internal stakeholders;內(nèi)部利益相關(guān)者的價(jià)值觀 information systems, information flows and decision-making processes (both formal and informal);信息系統(tǒng)、信息流和（正式的和非正式的）決策流程 relationships with, and perceptions and values of, interna

52、l stakeholders;內(nèi)部利益相關(guān)者價(jià)值觀之間的關(guān)系 the organizations culture;組織文化 standards, guidelines and models adopted by the organization; and標(biāo)準(zhǔn)、指引和組織采用的模式 form and extent of contractual relationships.合同關(guān)系的形成和范圍iso guide 73:2009, definition 3.3.1.22.14communication and consultation溝通和協(xié)商continual and iterative proc

53、esses that an organization conducts to provide, share or obtain information and to engage in dialogue with stakeholders (2.15) and others regarding the management of risk (2.1)一個(gè)組織提供，共享或獲取信息，與利益相關(guān)者和其他風(fēng)險(xiǎn)管理者持續(xù)和反復(fù)對話的流程note 1 the information can relate to the existence, nature, form, likelihood (2.21),

54、severity, evaluation, acceptability,treatment or other aspects of the management of risk.信息涉及存在、性質(zhì)、形式、可能性、嚴(yán)重程度、評價(jià)、可接受性、處理或者其他與管理風(fēng)險(xiǎn)相關(guān)的方面note 2 consultation is a two-way process of informed communication between an organization and its stakeholders or others on an issue prior to making a decision or d

55、etermining a direction on a particular issue. consultation is:協(xié)商是一個(gè)組織與它的利益相關(guān)者或其他利益相關(guān)者雙向溝通的過程，目的在于就以問題提前做出決策或就某一問題決定方向。協(xié)商是： a process which impacts on a decision through influence rather than power; and通過影響而非權(quán)力影響決策的過程 an input to decision making, not joint decision making.加入決策而非共同決策iso guide 73:2009,

56、 definition 3.2.12.15stakeholder利益相關(guān)者person or organization that can affect, be affected by, or perceive themselves to be affected by a decision or activity 可以影響、被影響或者覺得自己會(huì)被決策或者活動(dòng)影響的個(gè)人或組織note a decision maker can be a stakeholder.決策者可以是利益相關(guān)者iso guide 73:2009, definition 3.2.1.12.16risk assessment風(fēng)險(xiǎn)評

57、估overall process of risk identification (2.17), risk analysis (2.23) and risk evaluation (2.26)風(fēng)險(xiǎn)識(shí)別，風(fēng)險(xiǎn)分析和風(fēng)險(xiǎn)評價(jià)的整個(gè)過程 iso guide 73:2009, definition 3.4.12.17risk identification風(fēng)險(xiǎn)識(shí)別process of finding, recognizing and describing risks (2.1)發(fā)現(xiàn)、識(shí)別、描述風(fēng)險(xiǎn)的過程note 1 risk identification involves the identificati

58、on of risk sources (2.18), events (2.19), their causes and their potential consequences (2.20).風(fēng)險(xiǎn)識(shí)別包括風(fēng)險(xiǎn)源的識(shí)別、風(fēng)險(xiǎn)事件的識(shí)別、風(fēng)險(xiǎn)原因及潛在后果的識(shí)別note 2 risk identification can involve historical data, theoretical analysis, informed and expert opinions, and stakeholders (2.15) needs.風(fēng)險(xiǎn)識(shí)別涉及歷史數(shù)據(jù)、技術(shù)分析、知情人、專家和利益相關(guān)者的意見iso guide 73:2009, definition 3.5.12.18risk source風(fēng)險(xiǎn)源element which alone or in combination has the intrinsic pote