What it aims to provide is an appropriate appreciation of the factors that may influence the ability of the organization to achieve its objectives, and to what extent they are influences. The output from this step is a statement of the organizational environments, influences objectives and criteria for success. It defines the scope and objectives for any risk management study, and is fundamental to setting the stage for all that follows.
It's easy to try to shortcut this process but failing to fully understand the context fundamentally flaws the quality of the any risk analysis and treatment. Broken down to it’s fundamentals, the objective of understanding the context is to:
- Determine and document the environment in which the organization operates
- Determine and document the key drivers in that environment
- Clearly articulate the organization’s objectives
- Define tolerances and criteria against which risks will be measured
- Specify scope and objectives for risk management, and the outcomes required
- Define a set of key elements for structuring the risk identification and assessment process.