ISO28000要求组织机构考虑事件发生的可能性，及其造成的所有后果
ISO28000 requires the organization to consider the possibility of the occurrence of the event, all the consequences and causes
在评估运作的相关安全风险时，ISO/DIS 28000要求组织机构考虑事件发生的可能性，及其造成的所有后果，其中包括：
In the operation of the relevant security risk assessment, ISO/DIS 28000 requires the organization to consider the possibility of the occurrence of the event, all the consequences and causes, including:
* 物理性事故的威胁和风险，如功能事故、意外损坏、恶意破坏、恐怖或犯罪行为
* the physical nature of the accident threat and risk, such as accident, accidental damage, malicious damage, a terrorist or criminal behavior
* 运作性威胁和风险，包括安全控制、人为因素及其它影响组织机构绩效、状态或安全的活动
* operation of threats and risks, including safety control, human factors and other influence organizational performance, state or safety activities
* 自然环境（暴雨、洪灾等）所导致安全措施和设备丧失效能
* the natural environment (rain, floods etc.) caused the safety measures and the loss of efficiency of equipment
* 组织机构控制能力以外的因素，如外界提供的设备和服务存在问题
* to factors outside the organization control ability, such as equipment and services provided outside the existing problems
安全风险一旦得到识别和评估，必须制订相应的目标、指针和计划，以消除或大幅减低其潜在影响（这在很大程度上与ISO 14001相互契合，即要求组织机构制订相应的目标、指针和计划，以大幅减少其运作所带来的环境影响）。
Once you get a safety risk identification and assessment, must formulate corresponding target, pointer and planning, in order to eliminate or significantly reduce the potential impact (to a large extent with the ISO 14001 fit each other, namely the organization of the formulation of corresponding target, pointer and plan to drastically reduce the number of its operation, the environmental impact of the).