| Line 1: | Line 1: | ||
The activities associated with defining the scope of the risk assessment or risk management program, and reviewing existing risk documentation and risk classification standards. | The activities associated with defining the scope of the risk assessment or risk management program, and reviewing existing risk documentation and risk classification standards. | ||
===Use Cases=== | ===Use Cases=== | ||
| − | + | Classification is typically preceded by developing a [[t:RBS]]. A [[t:RBS]] provides a standardized structure to guide risk classification. Typical classes include: | |
| − | + | * '''Strategic''' = Risks related to the effectiveness of the business strategy and its implementation; Organizational structures, Mergers & Acquisitions, Product strategy, Go-to-Market strategy, Supply Chain strategy, Intellectual Property strategy | |
| − | + | * '''Economic''' = Risks related to external economic influences; Markets, Competition, Availability credit/funding, inflation, volatility of interest and exchange rates, and price volatility of base materials and energy | |
| − | + | * '''Financial''' = Risks related to availability of financial instruments/funding, liquidity and cash flow, changes in tax law and practices, customer credit, accounting errors, and financial crimes | |
| − | + | * '''Socio-economic''' = Risks related to corporate corruption, tax avoidance, political change, war and terrorism, conflict minerals, human rights, trade barriers, and reputation and brand-value | |
| − | + | * '''Operational''' = Risks related to conducting day-to-day business; supplier performance, production capacity, production quality, logistics network congestion, logistics network capacity, product liability, natural disasters | |
| − | + | * '''Compliance''' = Risks related to corporate governance, international, national, regional and local regulations, permits, recognition of intellectual property rights of others, employment law, workplace safety, and mandatory reporting | |
| − | |||
===Notes=== | ===Notes=== | ||
{{OR}} recommends adoption of ISO 31000 processes to build Supply Chain Risk Management governance processes, systems and behaviors. [[sc:G3|Manage Supply Chain Risk]] provides the processes to describe an enterprise's [[t:SCRM|Supply Chain Risk Management]] processes. ISO 31000 is copyright [http://www.iso.org ISO]. | {{OR}} recommends adoption of ISO 31000 processes to build Supply Chain Risk Management governance processes, systems and behaviors. [[sc:G3|Manage Supply Chain Risk]] provides the processes to describe an enterprise's [[t:SCRM|Supply Chain Risk Management]] processes. ISO 31000 is copyright [http://www.iso.org ISO]. | ||
The activities associated with defining the scope of the risk assessment or risk management program, and reviewing existing risk documentation and risk classification standards.
Classification is typically preceded by developing a Risk Breakdown Structure. A Risk Breakdown Structure provides a standardized structure to guide risk classification. Typical classes include:
OpenReference recommends adoption of ISO 31000 processes to build Supply Chain Risk Management governance processes, systems and behaviors. G3 provides the processes to describe an enterprise's SCRM processes. ISO 31000 is copyright ISO.
Compare to: ISO 31000:2009:5.3 Establish the context. Supply Chain Risk Management
| ID | Name | Clear | x |
|---|---|---|---|
| RBS | Risk Breakdown Structure | RBS | |
| SCO | Supply Chain Outline | SCO | |
| SCRM | Supply Chain Risk Management | SCRM |
| Process |
| ||||||
|---|---|---|---|---|---|---|---|---|
| G301 |
|
|||||||