The activities associated with analyzing the KRI values for a particular risk. This includes assessing the potential consequences and the factors that affect the consequences of a particular Risk (determine Impact) and assessing the likelihood the Risk event occurs (determine Probability).
A typical deliverable of this process is to update the Probability and Impact, and calculate the Key Risk Indicators for risks in the Risk Register or Risk Log.
OpenReference recommends adoption of ISO 31000 processes to build Supply Chain Risk Management governance processes, systems and behaviors. Manage Supply Chain Risk (G3) provides the processes to describe an enterprise's Supply Chain Risk Management processes. ISO 31000 is copyright ISO.
Compare to: ISO 31000:2009:5.4.3 Risk Analysis.
|G3||Manage Supply Chain Risk||2||G3|
Note: Common inputs and outputs are listed in alphabetical order. Other inputs and outputs may be required to support varying use cases.