y*******8
发帖数: 278 | 1 http://en.wikipedia.org/wiki/Risk_management
Risk management is the identification, assessment, and prioritization of
risks (defined in ISO 31000 as the effect of uncertainty on objectives,
whether positive or negative) followed by coordinated and economical
application of resources to minimize, monitor, and control the probability
and/or impact of unfortunate events[1] or to maximize the realization of
opportunities. Risks can come from uncertainty in financial markets, project
failures (at any phase in design, development, production, or sustainment
life-cycles), legal liabilities, credit risk, accidents, natural causes and
disasters as well as deliberate attack from an adversary, or events of
uncertain or unpredictable root-cause. Several risk management standards
have been developed including the Project Management Institute, the National
Institute of Standards and Technology, actuarial societies, and ISO
standards.[2][3] Methods, definitions and goals vary widely according to
whether the risk management method is in the context of project management,
security, engineering, industrial processes, financial portfolios, actuarial
assessments, or public health and safety.
The strategies to manage risk typically include transferring the risk to
another party, avoiding the risk, reducing the negative effect or
probability of the risk, or even accepting some or all of the potential or
actual consequences of a particular risk.
Certain aspects of many of the risk management standards have come under
criticism for having no measurable improvement on risk, whether the
confidence in estimates and decisions seem to increase. |
|
