Key points are not available for this paper at this time.
Risk management is a systematic process of identifying, analyzing, evaluating, and mitigating risks to achieve organizational objectives. One important initial stage in risk management is context establishment. Background: This article aims to explain context establishment in the risk management process based on ISO 31000:2018. Methods: A methodological literature review is employed. Finding: Context establishment consists of internal and external contexts. The internal context includes governance, organizational structure, vision, mission, policies, objectives, strategies, resources, information systems, and organizational standards. Meanwhile, the external context encompasses social, cultural, political, legal, economic, natural, driving factors, contractual relationships, and stakeholder perspectives. Furthermore, the context establishment in risk management defines the boundaries of risk management process implementation such as objectives, types of risks, stakeholders, scope, activities, and evaluation. Finally, risk criteria establishment consists of probability and impact criteria used to measure the level of risk. Conclusion: Comprehensive context establishment is necessary for organizations to recognize risks and their impacts on achieving organizational objectives.
Raihanah et al. (Thu,) studied this question.