This Standard provides guidance and current best practices for developing and embedding a framework and process of risk management in supply chain management. It can be applied to any type of organization, and its supply chain, regardless of size. This Standard adopts the risk management framework and process described in the ISO 31000:2009 - Risk management --Principles and guidelines as the framework and process of Supply Chain Risk Management (SCRM). It provides current best practices to:a) Identify internal and external environments (including dependencies and interdependencies); b) Define risk criteria; c) Assess risk (identify, analyze, and evaluate);d) Consider and implement risk treatments and controls; ande) Continually monitor and review risks and their treatment.