Risk is all around us, all the time! So where does the 10,000 mile journey of ‘risk management’ begin? ISO 31000:2018 has some ideas and can get you started. Managing risk pays many benefits including the enhancement of Organizational Resilience. This includes improved performance from fewer ‘surprises’. This is the first of 4 posts on ISO 31000 and Risk Management.
ISO 31000:2018 presents this model in 3 sections:
Principles: Value Creation and Protection
- Integrated – make risk management part of the culture
- Structured and Comprehensive – find as many areas as make sense
- Customized – a ‘cookie-cutter’ approach is dangerous
- Inclusive – include all aspects of the ‘end-to-end’ workflow
- Dynamic – risk and opportunities are always changing
- Best available information – don’t become a victim of ‘paralysis from analysis
- Human and culture factors – a system won’t reduce risk, but people will
- Continual Improvement – to reduce surprises
Framework guided by Leadership and Commitment
- Integration – weave risk-based thinking into the fabric
- Design – use a cross-functional team to get the best results
- Implementation – Leaders need to know what is needed
- Evaluation – Top Management needs to understand how well risk is being managed
- Improvement – just like ‘rust’, risk never sleeps
Process for a structured approach
- Set the scope
- Do a risk assessment
- Create a risk ‘treatment’
- Monitor and review the treatment
- Record risk management results and report on them
- Communicate the results, engage in consultation and develop ‘risk-based thinking’ throughout your organization.
That’s the tip of the risk iceberg from ISO 31000. There will be more detail in the next 3 posts. These ideas will help you get started on your risk management journey, but be sure to get a copy of ISO 31000 if you want more guidance for your activities. All of your efforts will pay you a surprising return on your investment!
Know Quality, Know Profits…No Quality, No Profits
If you’d like to see how we’ve designed our platform to help manage risk, schedule a demo and we’ll see if it can make your ‘ISO life’ simpler and safer!