Term Of The Day – Operational Risk Management
A continual cyclic process which includes risk assessment, risk decision making, and implementation of risk controls, which results in acceptance, mitigation, or avoidance of risk. I thought it would be best to cover two very simplistic models for ORM.
The US Department of Defense has these operational risk management principles:

- Accept risk when benefits outweigh thecost.
- Accept no unnecessary risk.
- Anticipate and manage risk by planning.
- Make risk decisions at the right level.
The International Organization of Standards has the defined the process as:
- Establish context
- Risk assessment
- Risk identification
- Risk analysis
- Risk evaluation
- Risk treatment
- Monitor and review
©J&L Risk Management Inc Copyright Notice