Ah, finally something that the common man wants. A mandatory risk management strategy compliant with ISO/IEC guidelines