Risk Communication and Consultation

Definition(s)


Risk Communication and Consultation

Continual and iterative processes that an organization conducts to provide, share or obtain information, and to engage in dialogue with stakeholders regarding the management of risk.

  • Note 1 to entry: The information can relate to the existence, nature, form, likelihood, significance, evaluation, acceptability and treatment of risk.
  • Note 2 to entry: Consultation is a two-way process of informed communication between an organization and its stakeholders on an issue prior to making a decision or determining a direction on that issue. Consultation is:
    • a process which impacts on a decision through influence rather than power; and
    • an input to decision making, not joint decision making.

Source: ISO/IEC 27000:2014, Information technology — Security techniques — Information security management systems — Overview and vocabulary, Third Edition, January 2014. Global Standards