The activities associated with analyzing the KRI values for a particular risk. This includes assessing the potential consequences and the factors that affect the consequences of a particular t:Risk (determine Impact) and assessing the likelihood the t:Risk event occurs (determine Probability).
OpenReference recommends adoption of ISO 31000 processes to build Supply Chain Risk Management governance processes, systems and behaviors. Manage Supply Chain Risk (G3) provides the processes to describe an enterprise's Supply Chain Risk Management processes. ISO 31000 is copyright ISO.
Compare to: ISO 31000:2009:5.4.3 Risk Analysis.