标准摘要
[中文适用范围]: 组织应定义每个风险管理体系应用的目标、界限和范围,并形成文件以提供保证,证明风险管理全面、有效和高效 [外文原描述]: This document provides guidance on risk management practices for the IT enabled services-business process outsourcing (ITES-BPO) service provider for the outsourced business processes. It provides guidance for planning, establishing, implementing, operating, monitoring, reviewing, maintaining and improving the risk management framework for the ITES-BPO services. This document: — covers IT enabled business processes that are outsourced; — is applicable to the service provider; — is applicable to all lifecycle processes of ITES-BPO; — is not intended to cover IT services. The guidelines in this document align to ISO 31000, elaborating the risk principles, risk management framework and risk management process from an ITES-BPO perspective.
英文名称Information technology - IT Enabled Services-Business Process Outsourcing (ITES-BPO) lifecycle processes - Part 6: Guidelines on risk management