The risk management process involves the systematic application of policies, procedures, and practices
to the activities of communicating and consulting, establishing the context and assessing, treating,
monitoring, reviewing, recording, and reporting risk (Figure 53).
Figure 53. ISO 31000: 2018 Risk management process
7.2. Risk Identification
The purpose of risk identification is to find, recognise and describe risks that might help or prevent an
organisation achieving its objectives. Relevant, appropriate and up-to-date information is important in
identifying risks (Standards Australia, 2018).
The following factors and the relationships among these factors have been considered by this risk
assessment:
Tangible and intangible sources of risk;
•
Causes and events;
•
Threats and opportunities;
•
Vulnerabilities and capabilities;
•
Changes in the external and internal context;
•
Indicators or emerging risks;
•
The nature and value of assets and resources;
•
Consequences and their impacts on objectives;
•
• Limitations of knowledge and reliability of information;
197
Wulguru Technical Services Pty Ltd – Supporting Information to Amend an Environmental Authority
Powered by FlippingBook