Risk MGMT
Why standards help improve risk management effectiveness
Standards can improve the effectiveness of risk management by providing generic guidelines and drawing attention to the key principles and activities required. This happens in two ways:
- The content of ISO 31000 forms a checklist against which an organization can assess the completeness of its own approaches in terms of both principles and activities. This leads to fewer organizations missing vital activities that national (or international) consensus deems necessary for the effective management of risk.
- Effective management relies on good communications and these, in turn, rely on the use of a consistent vocabulary. By standardizing the use of words in a particular context, people are able to work together more easily and with fewer misunderstandings. ISO Guide 73:2009 [3] provides a risk management vocabulary.
Risk: Guidance
Once standards have been established, they can promote continuous improvement by being periodically reviewed and updated. This ensures the latest consensus on best practice is included and any omissions or clarifications dealt with. In this way all users of standards benefit from the collective experience of all other users.
The international standard ISO 31000 covers the key concepts and activities for managing risk and is intended to harmonize risk management processes in existing and future standards. It sets out the guidelines for implementing effective risk management in an organization.
ISO 31000--Introduction
Organization- and activity-focused, relevant to any public, private or community enterprise, group or individual.
Audience includes people who are:
- Responsible for developing risk management policy
- Accountable for ensuring risk is managed
- Evaluating the effectiveness in managing risk
- Engaged in developing standards, guides, procedures, etc.
Describes a generic approach for managing any sort of risk in any context, linking together principles, a framework and a process.
ISO 31000--Introduction
- Defines risk as effect of uncertainty on objectives
- Lists just the main benefits
Risk
The potential failure mode or hazard
- How might this part or process fail to meet the requirements?
- What could happen which would adversely affect performance?
- What would a stakeholder consider to be unacceptable?
The anticipated effect of this failure mode/hazard on the process outcome
References
1. Management of Risk: Guidance for Practitioners, third edition. Office of Government Commerce. The Stationery Office, 2010.
2. ISO 31000:2009, Risk Management Principles and Guidelines. International Organization for Standardization, 2009.
3. ISO Guide 73:2009, Risk Management Vocabulary. International Organization for Standardization, 2009.
4. ISO/IEC 31010:2009, Risk Management Risk Assessment Techniques. International Organization for Standardization, 2009.
5. BS 31100:2011, Risk management. Code of Practice and Guidance for the Implementation of BS ISO 31000. British Standards Institution, 2011.
6. The Orange Book. Management of Risk Principles and Concepts. HM Treasury, 2004.
7. Best Management Practice Portfolio: Common Glossary of Terms and Definitions. Best Management Practice, 2012. Available at http://www.best-management-practice.com/gempdf/BMP_Common_Glossary_2012.pdf