Save or Share this Report

For Security & Risk Professionals

The Risk Manager's Handbook: How To Identify And Describe Risks

Documenting The Sources Of Uncertainty That Might Affect Your Organization, Project, Asset, Or Objective

January 12, 2011

Primary author headshot


Why Read This Report

Enterprise risk management (ERM) programs are helping to break down organizational silos so that executives can gain insight on the risks that may affect all aspects of their business. Unfortunately, this trend is taking a toll on risk managers. It's becoming impossible for them to wield subject matter expertise across a growing number of risk domains, so instead they must be masters of procedural guidance. In the second core step of the risk management process, which the ISO 31000 standard labels "identify the risks," this means developing a comprehensive risk taxonomy, establishing a recurring set of risk assessment techniques, and guiding the documentation of risks in a way that will direct future decisions during the risk analysis and risk evaluation steps.

Get Access

Already a Client?

Log in to read this document.

Become a Forrester Client

Customers are the new market-makers, reshaping industries and changing how businesses compete and win. Success depends on how well and how fast you respond. Forrester Research gives you insights and frameworks aligned to your role to shorten the time between a great idea and a great outcome, helping your teams win in the age of the customer. Contact us to learn more.

Purchase Report

This report is available for individual purchase ($499 USD).


Also in Collection: The Risk Manager's Handbook

Table of Contents

  • Forrester's Risk Manager's Handbook Series
  • Successful Risk Management Means Knowing What To Watch And What Not To
  • Identify The Risks To Protect Against Unexpected Losses And Failures

  • Risk Managers Should Not Focus On Identifying Risks
  • Related Research Documents

Recommended Research