As a risk professional, you are now in a position to exert more influence on your firm and increase the value your team offers, but if your efforts are unfocused, determining success will be difficult. Clearly define the parameters of your program, a step in the risk management process the ISO 31000 standard refers to as “establishing the context.” This report draws from this standard as well as industry best practices to explain this crucial step, which includes establishing the internal context, the external context, the risk management context, and the risk criteria.