Risk management is a continuous process that could endanger the objectives of a project or application. Risks are handled to reduce and avoid threats effects on the objectives of the  project. The sources of risk are both internal and external to the project. This research will identify general measures for the specific goal and its specific practices of Risk Management Process Area (PA) in Capability Maturity Model Integration (CMMI). CMMI is developed by Software Engineering Institute (SEI) in Carnegie Mellon University in USA. CMMI is a framework for improvement and assessment of computer information systems. The method we used to define the measures is to apply the Goal Questions Metrics (GQM) paradigm to the specific goals and its   specific practices of  Risk Management Process Area in CMMI.