ISO 31000:2018 Enterprise Risk Management Guidelines
Risk management is the identification, evaluation, and prioritization of risks followed by application of resources to minimize, monitor, and control the probability or impact of unfortunate events or to maximize the realization of opportunities