What is risk-based approach in ISO?

What is risk-based approach in ISO?