The internal risk management policies that identify, assess and prioritise risks in an IT environment. The methods used to minimise, monitor and control the possibility and the impact of disastrous events that affect the reaching of business goals.
Data Source: Unified Global Standards (ISCED, ISCO, O*NET, ESCO)