Abstract. Theoretical background of enterprise risk management can be considered as founded by the ISO 31000 standard family and the COSO recommendation. However, their application in a given company domain requires knowledge of the local environment, and professional experience. Nowadays risk management is still anchored to functional fields, or organisational units (logistics, finance, quality management, HR, IT, e.g.). According to the view of the authors, this approach could results in parallel, multiple regulations of risk management. This could be avoided by a holistic view, and a risk based analysis of company processes. Writing this study is aimed at three
major goals:
- providing an overview of the bases of process and risk management,
- proposing a professional idea to be used at risk management of processes (Is it possible to reduce business
risk by analysing availability of resources assigned to processes?),
- providing a review of standards and recommendations which can be used in process risk management.