ABSTRACT
The five-step risk management scheme of ISO 31000 or similar schemes have been applied to very diverse domains including logistics, health care, aviation, construction, defense, finance and security. We show that the risk management process of ISO 31000 can be modeled with the semi-formal Systems Modeling Language (SysML). We model requirements and process described in ISO 31000. We present how selected SysML diagrams are employed, namely the use case diagram, activity diagram and requirement diagram. We select a minimum set of well-known methods for fulfilling the requirements of the risk management process for hazard risks as well as for opportunity risks. We use examples mainly in the urban security domain for illustration of the risk/opportunity management process. In addition, we indicate how to use the risk management scheme for modeling the monitoring of the evolution of risks and chances as well as for modeling an early warning system, e.g. during the application of recommended counter actions and actions, respectively.
