Risks affecting organizations can have consequences in terms of economic performance and professional reputation, as well as environmental, safety and societal outcomes. Therefore, managing risk effectively helps organizations to perform well in an environment full of uncertainty.
ISO 31000:2009, Risk management – Principles and
guidelines,
provides principles, framework and a process for managing risk. It can be used by any organization regardless
of its size, activity or sector. Using ISO 31000 can help organizations increase the likelihood of achieving
objectives, improve the identification of opportunities and threats and effectively allocate and use
resources for risk treatment.
However, ISO 31000 cannot be used for certification purposes,
but does provide guidance for internal or external audit programmes. Organizations using it can compare
their risk management practices with an internationally recognised benchmark, providing sound principles
for effective management and corporate governance.
A number of other standards also relate to risk management.
by
Organizations can now benefit from a well-stocked toolbox for risk management featuring :• ISO 31000:2009, Risk management – Principles and guidelines• ISO Guide 73:2009, Risk management vocabulary• ISO/IEC 31010:2009, Risk management – Risk assessment techniques.
by
One could argue that the global financial crisis was caused by a failure of management rather than a failure of risk management. Those organizations whose boards promoted an effective risk management culture passed through the crisis relatively unscathed – the banking and finance industry in Australia and Canada being two examples.
by
Effective responses to a frequently wide range of disruption-related risks require a concerted approach to the management of emergency preparedness.
