The first step in the risk management process that answers the question, “What are the program's risk and issue management processes?” It consists of the activities to develop, implement, and document steps the program will take to mitigate individual risks. The Systems Engineering Plan (SEP) should summarize the process. If a program develops a Program Risk Process (PRP) document that describes the process in more detail, the program can refer to the PRP in the SEP. The PRP outlines each of the risk management process steps (Risk Planning, Risk Identification, Risk Analysis, Risk Mitigation, and Risk Monitoring). The PRP should address the program's risk, management organization, ground rules and assumptions, candidate risk categories, and use of any risk management tools.