This Standard provides guidance and current best practices fordeveloping and embedding a framework and process of risk managementin supply chain management. It can be applied to any type oforganization, and its supply chain, regardless of size. ThisStandard adopts the risk management framework and process describedin the ISO 31000:2009 - Risk management -- Principles andguidelines as the framework and process of Supply Chain RiskManagement (SCRM). It provides current best practices to:
a) Identify internal and external environments (includingdependencies and interdependencies);
b) Define risk criteria;
c) Assess risk (identify, analyze, and evaluate);
d) Consider and implement risk treatments and controls; and
e) Continually monitor and review risks and their treatment.