a set of measures taken by an organization (e.g. an enterprise, a local authority) aimed at protecting the organization from any unexpected events when reaching its assumed goals. It is usually assumed that the risk management covers three stages of operation, i.e. identification, assessment and taking the risk.