You are on page 1of 1

The organization shall notify relevant personnel, including the customer when required by

contract, of the change and residual or new risk due to changes that have either been
initiated by the organization or requested by the customer.

While Clauses 5.5 and 5.11 both contain requirements related to risk, their requirements are not explicitly
and holistically mentioned in Clause 5.3.

The note contained in Clause 5.3 as quoted below is important in understanding how to implement a
risk assessment and management procedure: