This International Standard is applicable to any project with a technological content. It may also apply to other projects.
It provides a general introduction to project risk management, its subprocesses and influencing factors. These subprocesses are:
- establishing the context, including confirmation of project objectives;
- risk identification;
- risk assessment, including risk analysis and evaluation;
- risk treatment;
- review and monitoring;
- communication (including consultation);
- learning from the project.
Guidelines are provided on the organizational requirements for implementing the process of risk management appropriate to the various phases of a project.
It is recognized that, in certain circumstances, it may be inappropriate to include all the clauses of this standard within a contract. Accordingly, this standard should only be considered as forming part of a contract – however that contract may be formed – if the parties to that contract explicitly call upon and refer to this standard (or parts thereof) and require it to be included within the contract.