This document defines risk as the effect of uncertainty on objectives. It discusses the likelihood and impact of risks and how risks can be adverse, positive, or related to technical problems. It then discusses enterprise risk management in the context of a banking industry, covering strategic risks, operational risks, financial risks, compliance risks, and provides an example of evaluating the risk of an IT system failure at a Jordanian bank.