ISO 17666:2016 defines, extending the requirements of ISO 14300‑1, the principles and requirements for integrated risk management on a space project. It explains what is needed to implement a project-integrated risk management policy by any project actor, at any level (i.e. customer, first-level supplier, or lower-level suppliers).

It contains a summary of the general risk management process, which is subdivided into four (4) basic steps and nine (9) tasks. The implementation can be tailored to project-specific conditions.

The risk management process requires information exchange among all project domains and provides visibility over risks, with a ranking according to their criticality for the project; these risks are monitored and controlled according to the rules defined for the domains to which they belong.

The fields of application of ISO 17666:2016 are all the space project phases. A definition of project phasing is given in ISO 14300‑1.

When viewed from the perspective of a specific programme or project context, the requirements defined in ISO 17666:2016 are tailored to match the genuine requirements of a particular profile and circumstances of a programme or project.