Thursday 13 December 2018

What is ISO 31000? - risk management



ISO 31000 Risk Management: BS ISO 31000 is the international standard for risk management. Its purpose is to provide comprehensive principles and generic guidelines on risk management.

Risk is a necessary part of doing business, and in a world where massive amounts of data are being processed at ever faster rates, identifying and mitigating risks is a challenge for any company.

It is no wonder, then, that many contracts and insurance agreements require strong evidence of good risk management practice.


ISO 31000 provides direction on how businesses can integrate risk-based decision-making into an organization. This may include direction, planning, management, reports, policies, culture and values. It is an open system based on principles, which means that it enables organizations to apply the principles in the standard to their own organizational context.

Who is ISO 31000 for?


ISO 31000 is applicable to all organizations, regardless of their type, size, activities and location, and it covers all types of risk. It was developed by a variety of stakeholders and is intended to be used by anyone who manages risks, not just professional risk managers.

What are the benefits for my business?


ISO 31000 helps organizations develop a risk management strategy to identify and effectively mitigate risks, thereby improving the likelihood of achieving their objectives and increasing the protection of their assets. Its general objective is to develop a risk management culture in which employees and stakeholders are aware of the importance of monitoring and managing risk.

The implementation of ISO 31000 also helps organizations see both the positive opportunities and the consequences associated with risk. It allows decisions to be more informed and, therefore, more effective, namely in the allocation of resources. In addition, it can be an active component in improving the organization's governance and, ultimately, its performance.

Why was it revised?


All ISO standards are reviewed every five years and then revised if necessary. This helps to ensure that they remain relevant, useful tools for the market, taking into account the evolution of the market and the new challenges facing businesses and organizations. The standard was first released in 2009, and a revised version of ISO 31000 was published in 2018.

An example of this is the increasing complexity of economic systems and emerging risk factors such as digital currency, which may present new and different risks for an organization on an international scale.

What are the main differences?


ISO 31000:2018 provides more strategic guidance than ISO 31000:2009 and places more emphasis on both the participation of senior management and the integration of risk management in the organization. This includes the recommendation to develop a statement or policy that confirms a commitment to risk management, to assign authority, responsibility and accountability at the levels within the organization, and to ensure that the necessary resources are assigned to the management of risk.

The revised standard now also recommends that risk management be part of the organization's structure, processes, goals, strategy and activities. It places a greater focus on value creation as the key driver of risk management and features other related principles such as continuous improvement, the inclusion of stakeholders, being customized for the organization and consideration of human and cultural factors.

The content has been simplified to reflect an open systems model that regularly exchanges feedback with its external environment in order to adapt to a wider range of needs and contexts.
Risk is now defined as the "effect of uncertainty on objectives", which focuses on the effect of incomplete knowledge of events or circumstances on an organization's decisions.

The key objective is to make things clearer and easier, using language that defines the foundations of risk management in a way that the reader will find easier to understand. The terminology is now more concise, with certain terms moved to ISO Guide 73, Risk management – Vocabulary, which deals specifically with the terminology of risk management and is intended to be used in conjunction with ISO 31000. Work has begun on a terminology standard and an implementation manual to further enhance understanding and applicability of the standard.




