ISO 31000

How do you interpret “Risk assessment/analysis” mentioned in the CISSP exam outline?

The Sybex official study guide used “assessment” and “analysis” interchangeably. In fact, it seemingly equals “risk analysis” to “risk assessment.” Besides, its “risk assessment” includes risk response/treatment.
It conflicts with the NIST FARM model (Frame, Assess, Respond, and Monitor) and ISO 31000.

References