Академический Документы
Профессиональный Документы
Культура Документы
Doug Newdick
A set of risk management terms and their definitions A set of principles for guiding and informing effective risk management for an enterprise An outline and process for creating a risk management framework An outline and process for creating a risk management process
Clear Sensible Brief (24 pages)
Detailed instructions on how to manage risk A complete risk management framework A complete risk management process Formats or attributes for describing risks Templates Guidance on how to identify risks Advice on how to manage risks for a specific domain
Risk Management and ISO 31000
Australia and NZ developed AS/NZS 4360:1999 in 1999. This was revised and reissued as AS/NZS 4360:2004 in 2004. Australia and New Zealand led the world in enterprise risk management at this point! There was no agreed de jure or de facto international standard in place at this stage. There were a small number of competing frameworks which were regarded as unsatisfactory. In 2005 the International Standards Organisation started work on ISO 31000 using AS/NZS 4360:2004 as its first draft. ISO 31000 was issued to widespread acclaim in 2009.
Principles
Framework
Process
Tailored
Accountability
Integration into organisational processes Establishing internal communication and reporting mechanisms
Resources
Risk assessment Risk identification Communication and consultation Monitoring and review
Risk analysis
Risk evaluation
Risk treatment
Facilitate communication:
Using the terms, principles and guidelines in ISO 31000 means you dont have to spend time and effort creating your own. You can spend time on the things that really add value managing the actual risks. Avoid misunderstandings by using concepts and terms that are well known in the risk management community. Take advantage of the significant expertise in risk management that the ISO has used in coming up with the standard. Ensure you dont miss out any aspects of risk management by using the standard as a checklist.
When you are asked to identify or assess risks When you are asked to manage risks When you are asked to assess a risk management framework or process
Use it to frame the scope of the work Use it to guide the engagement Use it to create a risk management process
ISO 31000 gives you a structured, credible foundation for discussions with about risk and risk management. ISO 31000 gives you a starting point for a risk management process if you dont have one. ISO 31000 gives you a standard vocabulary for talking about risks and risk management. ISO 31000 gives you a baseline for comparisons and assessments of risk management processes.
Follow me on Twitter:
@dougnewdick