The University of SydneyPage 29AS/NZS ISO 31000-2018 –Risk Management Process–Comprehensive identification of risks is critical–Identify risks -whether or not they are under organisations control–Whatcan happen….whereand whenit can happen--comprehensive list of sources of risks and events which may affect objectives–Whyand howit can happen…--consider possible causes and scenarios–Tools and techniques…to generate a risk register--Local or overseas experience--Expert judgment--Structured interviews--Focus group discussions--SWOT analysis--Insurance claims reports--Post event reports--Personal experience or past organisational experience--Results and reports from audits, inspections and site visits--Surveys and questionnaires / Checklists--Historical records, incident databases and analysis of failuresIdentify Risksl What can happenl When & wherel How & why