Future ISO 31000 standard on risk management
Organizations with a commitment to managing risk know that implementing standards can enable them to do so more effectively and therefore maximize opportunities and minimize losses in the course of achieving corporate objectives. This article examines the future ISO 31000 standard which will be a strategic-level document covering all forms of risk, including safety and the environment.
by Kevin W. Knight
and ISO standards
Many organizations prefer to spend time debating whether to introduce “ holistic risk management ” or “ enterprise risk management ” or even “ enterprise-wide risk management ”, while others are content to settle for a “ tick and flick ” compliance programme that will hopefully keep the regulators happy. The successful organization however works on identifying the risks involved in achieving their objectives and managing them to ensure a successful outcome. Organizations with a commitment to managing risk are generally more open to the
adoption of standards such as ISO 9001:2000 (quality management), ISO 14001:2004 (environmental management) and ISO 15489:2001 (records management). Organizations know that adopting International Standards, in full or in part, can enable them to manage risk more effectively and therefore maximize opportunities and minimise losses in the course of achieving corporate objectives. Management of risk is an integral part of good management. It is an iterative process that is best embedded into existing practices or business processes.
s
the risk takers at all levels within an organization. It is the risk makers and the risk takers who must be the owners of risk and accountable for its effective management. A consequence of the uncertainty as to the place of the...