The activities associated with discovery, recognizing and describing risks that might affect your supply chain or its results. This may include documenting the supply chain network and associating risks at each node and/or process in the supply chain network and includes classifying the risk as internal or external. A typical deliverable of this process is to create and classify new entries in the Risk Register or Risk Log and classify these entries.
OpenReference recommends adoption of ISO 31000 processes to build Supply Chain Risk Management governance processes, systems and behaviors. G3 provides the processes to describe an enterprise's SCRM processes. ISO 31000 is copyright ISO.
Compare to: ISO 31000:2009:5.4.2 Risk Identification.