
risk


© ISO Focus, www.iso.org/isofocus

Main Focus
Future ISO 31000 standard on risk management
by Kevin W. Knight AM*, Chair, ISO working group on Risk Management

Tackling hazards

Some would suggest that the global financial crisis was caused by a failure of risk management rather than the failure of boards and top management to effectively manage risk. The future ISO 31000, Risk management – Principles and guidelines, is expected to help industry and commerce, public and private, to confidently emerge from the crisis. This much-awaited International Standard is expected to be published in the third quarter of 2009.

Without risk, there is no reward or progress. Unless risk is managed effectively, organizations cannot maximize opportunities and minimize threats. Risk is all about uncertainty, or more importantly, the effect of uncertainty on the achievement of objectives. This is where ISO 31000 is clearly different from existing guidelines in that the emphasis is shifted from something happening – the event – to the effect on objectives. Every organization has objectives to achieve, and in order to achieve them, any uncertainty that could interfere with their realization must be effectively managed.

Applicable and adaptable to all
ISO 31000 sets out principles, a framework, and a process for the management of all forms of risk, including safety and environment, in all organizations, regardless of size. It does not mandate a one-size-fits-all approach, but emphasizes tailoring the principles and guidelines to the specific needs and structure of the organization. Following a list of terms and definitions, the standard sets out 11 principles to be addressed in order to effectively manage risks and achieve objectives. The principles need to be reviewed by the board and top management so they may reflect the organization’s policy. The next section looks at the framework needed to provide the foundations and arrangements that will embed the management of risk at all levels of the organization. It calls for risk management components to be adapted into the existing management system in order to ensure ownership of the policy and process by management and staff.

Commitment of top management
The overarching component of the framework is the mandate and commitment of the organization’s board and top management to the implementation, review and continual improvement of how risk is managed. The end goal: to ensure risk is fully focused on the achievement of objectives. This focus on objectives is imperative if enterprise risk management (ERM) is to be achieved by a common language and process throughout the organization.

“Risk needs to become an integral part of how things are managed.”

The framework calls for a clear understanding of the context in which the organization operates. The risk management policy must clearly state the organization’s commitment to the management of risk. More importantly, the standard requires organizations to identify risk owners to ensure accountability and authority. For example, the standard seeks to differentiate between those who are “accountable” for managing risk (those persons with a liability, either corporate or legal, for their decisions or lack of decision) and those who are “responsible” for specific tasks (those persons with an obligation to carry out an instruction from a competent authority). The framework also sets out how the management of risk is to be woven into the organizational fabric. Risk needs to become an integral part of how things are managed; it should not be an add-on, or a separate activity divorced from the mainstream management of the business.

A strategic process
The risk management process contained in ISO 31000 follows the well-worn lead set by the Australian and New Zealand Standard AS/NZS 4360, which consists of:

• Communication and consultation
• Establishing the context
• Risk assessment consisting of the three steps of identification, analysis and evaluation
• Risk treatment
• Monitoring and review.

The process set out needs to become an integral part of how business is managed at all levels. It must be tailored to the business processes and woven into the culture and practices of the organization that make it uniquely different from its competitors. All activities should be traceable by way of records that provide the foundation for improvement in methods and tools, as well as in the overall process. Finally, an informative annex sets out the attributes of enhanced risk management for those organizations that have been working on managing their risks for some time and may wish to strive for a higher level of achievement.

Representing the very best
The working group that produced ISO 31000 contained experts from some 28 countries representing all continents (except Antarctica). All meetings of the working group had strong attendance, ranging from 40 to 60 delegates depending on the meeting location, with a significant core group who participated in all meetings. It is precisely this core group, ably supported by the other expert delegates and backed up by the national mirror committees, that ensures ISO 31000 represents the very best of contemporary risk management thought.

About the author
Kevin W. Knight AM* is Chair of the ISO working group developing the new ISO 31000 risk management standard and the revision of ISO/IEC Guide 73 (risk management vocabulary), and a founding member of the Standards Australia/Standards New Zealand Joint Technical Committee OB/7 – Risk management. He is well known through his very active work in the development of risk management standards and has been active in furthering the risk management profession and the professional development of its practitioners, both worldwide and throughout the Asia-Pacific Region in particular, over the past 25 years. E-mail: kknight@bigpond.net.au
* Member of the General Division of the Order of Australia (AM).

ISO Focus June 2009

