There should be a WikiProject Risk Management - the articles are scattered and of highly varying quality, lacking definitional and structural cohesion. Perhaps it could be a subproject of a wider WikiProject Security (might help with CompSec scope creep). Should be made useful somehow to WikiProject Risk.
It should be concerned with business/enterprise/institutional/organizational risk management, as opposed to the (already defined via WikiProject Disaster Management) more societal/governmental emergency management (sometimes called disaster management, however there is the confusing terminology of BCDR which uses 'disaster' to specifically distinguish IT assets) - although there is plenty of overlap.