the risk management framework specifying the approach, the management components and resources to be applied to the management of risk. (ANSI/ASSP/ISO 31000‐2018)
Risk Management Process:
Systematic application of management policies, procedures, and practices to the activities of communicating, consulting, establishing the context, and identifying, analyzing, evaluating, treating, monitoring, and reviewing risk. (ANSI/ASSP/ISO 31000‐2018)
Risk Matrix:
Tool for ranking and displaying risks by defining ranges for consequence and likelihood. (ISO Guide 73/ANSI/ASSP Z690.1‐2011)
Risk Profile:
Description of any set of risks. (ISO Guide 73/ANSI/ASSP Z690.1‐2011)
Risk Priority Number:
A combined risk score of three or more risk factors such as severity, probability, and exposure or prevention effectiveness to produce a priority number used in risk ranking. (Authors)
Risk Professional:
A person skilled, knowledgeable, and experienced in the risk assessment and management process. (Authors)
Risk Reduction:
That part of the risk assessment process involving the elimination of hazards or selection of other appropriate risk reduction measures (protective measures) to reduce the probability of harm or its severity. (ANSI B11.0‐2020)
Risk Reduction Measure (Protective Measure):
Any action or means used to eliminate hazards and/or reduce risks. (ANSI B11.0‐2020)
Risk Register:
Record of information about identified risks. (ISO Guide 73/ANSI/ASSP Z690.1‐2011)
Risk Retention:
Acceptance of the potential benefit of gain, or burden of loss, from a particular risk. (ISO Guide 73/ANSI/ASSP Z690.1‐2011)
Risk Source:
Element which alone or in combination has the potential to give rise to risk. (ANSI/ASSP/ISO 31000‐2018)
Risk Tolerance:
Organization's or stakeholder's readiness to bear the risk after risk treatment in order to achieve its objectives. (ISO Guide 73/ANSI/ASSP Z690.1‐2011)
Risk Treatment:
Process to modify risk. (ANSI/ASSP/ISO 31000‐2018)
Safe:
“Safe” is viewed as having reached a level of acceptable or minimal residual risk. (ANSI/ASSP Z10.0‐2019)
Deciding that a thing is safe or not safe requires judgments of whether the probability of an undesired incident occurring and the severity of its outcome are acceptable. (Manuele 2013)
The state of being protected from recognized hazards that are likely to cause physical harm. There is no such thing as being absolutely safe, that is, a complete absence of risk. (Whiting 2013)
Safe‐Work Procedure(s):
Formal written documentation developed by the user that describes steps that are to be taken to safely complete tasks where hazardous situations may be present or hazardous events are likely to occur. (ANSI B11.0‐2020)
Safety:
Freedom from unacceptable risk. (ANSI/ASSP Z590.3‐2011(R2016))
Safety Professional:
Trained individual dedicated to the protection of people, assets, and the environment. (Authors)
Severity (of Consequence):
An estimate of the magnitude of harm or damage that could reasonably result from a hazard‐related incident or exposure. (ANSI/ASSP Z590.3‐2011(R2016))
The magnitude of potential consequences of a mishap to include: death, injury, occupational illness, damage to or loss of equipment or property, damage to the environment, or monetary loss. (MIL‐STD‐882E‐2012)
Author’s Cautionary Note: The author recommends not using emotive subjective and judgmental descriptors for Severities of Consequences. It is appropriate to use such terms for sizes or levels of risk when deciding priorities for risk treatment, e.g. if desired, the term “Catastrophic” could be used instead of “High” in the A1 cell of the matrix. But if used with Consequence Severities, there is an expectation to consider tolerability based on Consequence alone. Using them with severities encourages the restrictive and inappropriate practice of decision‐making based ONLY on Consequence Severity instead of Risk [Both Likelihood AND Consequence R = L * C]. (Whiting 2013)
Stakeholder:
Person or organization that can affect, be affected by, or perceive themselves to be affected by a decision or activity. (ANSI/ASSP/ISO 31000‐2018)
Person or organization that can affect, be affected by, or perceive itself to be affected by a decision or activity. (ANSI/ASSP/ISO 45001‐2018)
Standard:
A required or recommended practice endorsed by a credible organization. (Authors)
Strategic Risks:
Risks that arise from trends in the economy and society, including changes in the economic, political, and competitive environments, as well as from demographic shifts. (The Institutes)
Supplier:
Any entity that provides or makes available equipment, material, or professional services. (ANSI/ASSP Z590.3‐2011(R2016))
An individual, corporation, partnership, or other legal entity or form of business that provides equipment or services. (ANSI B11.0‐2020)
System:
