当前位置:首页 >> >>


? ISO Focus, www.iso.org/isofocus

Main Focus
Future ISO 31000 standard on risk management
by Kevin W. Knight AM*, Chair, ISO working group on Risk Management


Tackling hazards

ome would suggest that the global financial crisis was caused by a failure of risk management rather than the failure of boards and top management to effectively manage risk. The future ISO 31000, Risk management – Principles and guidelines, is expected to help industry and commerce, public and private, to confidently emerge from the crisis. This much-awaited International Standard is expected to be published in the third quarter of 2009. Without risk, there is no reward or progress. Unless risk is managed effectively, organizations cannot maximize opportunities and minimize threats. Risk is all about uncertainty, or more importantly, the effect of uncertainty on the achievement of objectives. This is where ISO 31000 is clearly different from existing guidelines in that the emphasis is shifted from something happening – the event – to the effect on objectives. Every organization has objectives to achieve, and in order to achieve them, any uncertainty that could interfere with their realization must be effectively managed.

Applicable and adaptable to all
ISO 31000 sets out principles, a framework, and a process for the management of all forms of risk, including safety and environment, in all organizations, regardless of size. It does not mandate a one-size-fits-all approach, but emphasizes tailoring the principles and guidelines to the specific needs and structure of the organization. Following a list of terms and definitions, the standard sets out 11 princi* Member of the General Division of the Order of Australia (AM). ISO Focus June 2009


? ISO Focus, www.iso.org/isofocus

Main Focus
not be an add-on, or a separate activity divorced from the mainstream management of the business.

A strategic process
The risk management process contained in ISO 31000 follows the well worn lead set by the Australian and New Zealand Standard AS/NZS 4360, which consists of :

ples to be addressed in order to effectively manage risks and achieve objectives. The principles need to be reviewed by the board and top management so they may reflect the organization’s policy. The next section looks at the framework needed to provide the foundations and arrangements that will embed the management of risk at all levels of the organization. It calls for risk management components to be adapted into the existing management system in order to ensure ownership of the policy and process by management and staff.

Communication and consultation Establishing the context Risk assessment consisting of the three steps of identification, analysis and evaluation Risk treatment Monitoring and review.

Commitment of top management
The overarching component of the framework is the mandate and commitment of the organization’s board and top management to the implementation, review and continual improvement of how risk is managed. The end goal : to ensure risk is fully focused on the achievement of objectives. This focus on objectives is imperative if enterprise risk management (ERM) is to be achieved by a common language and process throughout the organization.

? ?

? ?

The process set out needs to become an integral part of how business is managed at all levels. It must be tailored to the business processes and woven into the culture and practices of the organization that make it uniquely different from its competitors. All activities should be traceable by way of records that provide the foundation for improvement in methods and tools, as well as in the overall process. Finally, an informative annex sets out the attributes of enhanced risk management for those organizations that have been working on managing their risks for some time and may wish to strive for a higher level of achievement.

About the author
Kevin W. Knight AM* is Chair of the ISO working group developing the new ISO 31000 risk management standard and the revision of ISO/IEC Guide 73 (risk management vocabulary), and a founding member of the Standards Australia/ Standards New Zealand Joint Technical Committee OB/7– Risk management. He is well known through his very active work in the development of risk management standards and has been active in furthering the risk management profession and the professional development of its practitioners, both worldwide and throughout the Asia-Pacific Region in particular, over the past 25 years. E-mail : kknight@bigpond.net.au
* Member of the General Division of the Order of Australia (AM).

“ Risk needs to become an integral part of how things are managed. ”
The framework calls for a clear understanding of the context in which the organization operates. The risk management policy must clearly state the organization’s commitment to the management of risk. More importantly, the standard requires organizations to identify risk owners to ensure accountability and authority. For example, the standard seeks to differentiate between those who are “ accountable ” for managing risk (those persons with a liability, either corporate or legal, for their decisions or lack of decision) and those who are “ responsible ” for specific tasks (those persons with an obligation to carry out an instruction from a competent authority). The framework also sets out how the management of risk is to be woven into the organizational fabric. Risk needs to become an integral part of how things are managed; it should

Representing the very best
The working group that produced ISO 31000 contained experts from some 28 countries representing all continents (except Antarctica). All meetings of the working group had strong attendance, ranging from 40 to 60 delegates depending on the meeting location, with a significant core group who participated in all meetings. It is precisely because of this core group, ably supported by the other expert delegates and backed up by the national mirror committees, that ensures ISO 31000 represents the very best of contemporary risk management thought.


ISO Focus June 2009

risk_focus_09-06 - ? ISO Focus, www.iso.
risk_focus_09-07 - ? ISO Focus, www.iso.
产品合格率月考核方案(09.06.12)_解决方案_计划/解决方案_实用文档。We will...To strengthen risk ma nagement, e ns ure that the busine ss of "zero ...
...Non-major English Course Program (.2011.09-06)_....ppt
Course Program (.2011.09-06)_高等教育_教育专区...Risk Management & Insurance E-Commerce & Internet...Teaching and Learning Focus Reading Business ...
...Non-major English Course Program (.2011.09-06)_....ppt
Program (.2011.09-06)_英语学习_外语学习_教育...Risk Management & Insurance E-Commerce & Internet...Teaching and Learning Focus Reading Business ...
Clinical Focus, M ay 5, 2003, V ol 18, No...( 2003) 09 - 0521 - 02 血脂异常作为心血管...Saf ety of treatm ent , changes in risk ...
focus/Focus-out 焦点模糊 Gobo 前景 工作常用术语 ...Risk 风险 Rushes 毛片 Safetry plug 安全插座 ...2018-06-24 12:09:57 文档贡献者 litteyes8 贡献...
壳牌公司经典PPT欣赏 - 壳牌 经典 PPT 模板... '06 '07 WORKING HOURS (RHS) '08 TRCF '09 '10 H1 11 Customer and partner focus Sustainability & growth ...
s risk and Cirrus disclaims and makes no ...Target applications focus on the high power ....09 .075 .07 .06 .05 .04 .03 .02 .015 ...
genpact - Genpact公司参加印度软件外包大会的发言资料... Focus on Voice processes Genpact Poland center ...‘06 1050 ‘07 1600 ‘08 2100 ‘09 2300+ ...
Focus on Language Show Time 2 1 Warming-up Rel...http://www.chinadaily.com.cn/2011-09/06/...risk factor for later physically aggressive behavior...
09_frm_practiceexam_其它考试_资格考试/认证_教育...12.06. 13.28. 13.57. 76. Assume that ...risk weightings to focus on credit risk only. ...
SAP GRC_图文.pdf
Workshop after workshop Siloed risk thinking Focus only on negative risks ?...06. 07. 08. 09. (GRC) ( ) (Closed Loop) ? SAP 2007 / Page 32 ...
focus fold forge form fulfill furnish generate ...risk rotate sail scare scrape seal select settle ...2018-06-20 23:23:09 文档贡献者 我是笨猪一头...
FOCUS 红角洲是09年的热点受制于土地供应、...0506年,红角洲主力客户以公务员、投资客为...缺少人气和热度的积累 RISK 项目机会 CHANCE ...
(2009)09- 0004- 07 电网与清洁能源 Power System...risk has been a new research focus ABSTRACT: ...06 安天瑜等: 电力系统风险研究现状 Vol.25 No.9...
Project QM plan ENCN R20161101A.xls
Risk assessment / 风险评估: Other Risks / 其他评估...06/11 07/11 08/11 09/11 10/11 11/11 12/...MK100 Yoke Focus Element 焦点元素 Q-Planning Ele...
日子要一天天的过 多关注好事,而不是烦恼 Focus ...Or give one, You must risk And you must lose...励志英文诗 2018-06-19 09:21:51 文档贡献者 ...
01 CustFocus.ppt
06 BasicStat 07 Graph Analysis 08 Multiv Anal 09 Capability1/2 相关文档推荐 01 CustFocus(关注客户) 暂无评价 24页 免费 01直线运动 暂无评价 2页 1财富...
Acct Ch13 Decentral Perf (May 24)_图文.ppt
3. It encourages managers to focus on operating ...0.09(1 0.4) = .054 0.06 + 0.06 = ...million in common stock (same risk as other ...