ECSS-M-00-03A – Risk management (25 April 2000)

This Standard has been cancelled and replaced by ECSS-M-00-03B Risk Management (16 August 2004).


This Standard defines, extending the requirements of ECSS-M-00, the principles and requirements for integrated risk management on a space project; it explains what is needed to implement a project integrated risk management policy by any project actor, at any level i.e. customer, first level supplier, or lower level suppliers.

This Standard contains a summary of the general risk management process, which is sub-divided into four (4) basic steps and nine (9) tasks. The implementation can be tailored to project specific conditions.

The risk management process requires information exchange between all project domains, and provides visibility over risks, with a ranking according to their criticality for the project; these risks have to be monitored and controlled according to the rules defined for the domain to which they belong.

The fields of application of this Standard are all the space project phases defined in ECSS-M-30.


When viewed from the perspective of a specific project context, the requirements defined in this Standard should be tailored to match the genuine requirements of a particular profile and circumstances of a project.

NOTE Tailoring is a process by which individual requirements of specifications, standards and related documents are evaluated, and made applicable to a specific project by selection, and in some exceptional cases, modification of existing or addition of new requirements.