Iso 31000 Risk Analysis Guidelines

Post on 28-Apr-2015


description

guidelines to risk analysis

transcript

AS/NZS ISO 31000:2009

This Joint Australian/New Zealand Standard was prepared by Joint Technical Committee OB-007, Risk Management. It was approved on behalf of the Council of Standards Australia on 6 November 2009 and on behalf of the Council of Standards New Zealand on 16 October 2009. This Standard was published on 20 November 2009.

The following are represented on Committee OB-007:

Australian Computer Society
Commerce Commission New Zealand
Committee IT-012
Department of Education and Early Childhood Development Victoria
Emergency Management Australia
Engineers Australia
Environmental Risk Management Authority New Zealand
Financial Services Institute of Australia
The Institute of Internal Auditors – Australia
Institution of Professional Engineers New Zealand
International Association of Emergency Managers
La Trobe University
Law Society of New South Wales
Massey University
Minerals Council of Australia
Ministry of Economic Development (New Zealand)
New Zealand Society for Risk Management
Risk Management Institution of Australasia
The University of New South Wales
University of Canterbury New Zealand

Keeping Standards up-to-date

Standards are living documents which reflect progress in science, technology and systems. To maintain their currency, all Standards are periodically reviewed, and new editions are published. Between editions, amendments may be issued. Standards may also be withdrawn. It is important that readers assure themselves they are using a current Standard, which should include any amendments which may have been published since the Standard was purchased.

Detailed information about joint Australian/New Zealand Standards can be found by visiting the Standards Web Shop at www.saiglobal.com.au or Standards New Zealand website at www.standards.co.nz and looking up the relevant Standard in the on-line catalogue.

For more frequent listings or notification of revisions, amendments and withdrawals, Standards Australia and Standards New Zealand offer a number of update options. For information about these services, users should contact their respective national Standards organization.

We also welcome suggestions for improvement in our Standards, and especially encourage readers to notify us immediately of any apparent inaccuracies or ambiguities. Please address your comments to the Chief Executive of either Standards Australia or Standards New Zealand at the address shown on the back cover.

This Standard was issued in draft form for comment as DR 09063.

AS/NZS ISO 31000:2009

Risk management—Principles and guidelines

COPYRIGHT

© Standards Australia/Standards New Zealand

All rights are reserved. No part of this work may be reproduced or copied in any form or by any means, electronic or mechanical, including photocopying, without the written permission of the publisher.

Jointly published by Standards Australia, GPO Box 476, Sydney, NSW 2001 and Standards New Zealand, Private Bag 2439, Wellington 6140

ISBN 0733792898

Originated as AS/NZS 4360:1995. Third edition 2004. Revised and redesignated as AS/NZS ISO 31000:2009.

PREFACE

This Standard was prepared by Joint Standards Australia/Standards New Zealand Committee OB-007, Risk Management to supersede AS/NZS 4360:2004, Risk management.

When AS/NZS 4360:1999 was revised in 2004 (as part of a routine five yearly revision), it was decided by the Joint Australian/New Zealand Committee OB-007 that rather than undertake a similar revision in 2009, Standards Australia and Standards New Zealand would promote the development of an international standard on risk management which would then be adopted.

In 2005 the International Organization for Standardization (ISO) established a working group to develop the first international risk management standard using AS/NZS 4360:2004 as the first draft. The standard development process included extensive public consultation in Australia and New Zealand and resulted in the publication of ISO 31000:2009.

The main variations to AS/NZS 4360:2004, as outlined in the Introduction, are as follows:

(a) Risk is now defined in terms of the effect of uncertainty on objectives.

(b) The principles that organizations must follow to achieve effective risk management have now been made explicit.

(c) There is much greater emphasis and guidance on how risk management should be implemented and integrated into organizations through the creation and continuous improvement of a framework.

(d) An informative Annex describes the attributes of enhanced risk management and recognizes that while all organizations manage risk in some way and to some extent this may not always be optimal.

The process described for managing risk is identical to that in AS/NZS 4360:2004.

This Standard is identical with, and has been reproduced from ISO 31000:2009, Risk management—Principles and guidelines. Minor changes have been made to the Introduction to address the application of the Standard in Australia and New Zealand.

As this Standard is reproduced from an International Standard, the following applies:

(i) Its number does not appear on each page of text and its identity is shown only on the cover and title page.

(ii) In the source text ‘this International Standard’ should read ‘this Australian/New Zealand Standard’.

The term ‘informative’ is used to define the application of the annex to which it applies. An informative annex is only for information and guidance.

CONTENTS

1 Scope
2 Terms and definitions
3 Principles
4 Framework
4.1 General
4.2 Mandate and commitment
4.3 Design of framework for managing risk
4.3.1 Understanding of the organization and its context
4.3.2 Establishing risk management policy
4.3.3 Accountability
4.3.4 Integration into organizational processes
4.3.5 Resources
4.3.6 Establishing internal communication and reporting mechanisms
4.3.7 Establishing external communication and reporting mechanisms
4.4 Implementing risk management
4.4.1 Implementing the framework for managing risk
4.4.2 Implementing the risk management process
4.5 Monitoring and review of the framework
4.6 Continual improvement of the framework
5 Process
5.1 General
5.2 Communication and consultation
5.3 Establishing the context
5.3.1 General
5.3.2 Establishing the external context
5.3.3 Establishing the internal context
5.3.4 Establishing the context of the risk management process
5.3.5 Defining risk criteria
5.4 Risk assessment
5.4.1 General
5.4.2 Risk identification
5.4.3 Risk analysis
5.4.4 Risk evaluation
5.5 Risk treatment
5.5.1 General
5.5.2 Selection of risk treatment options
5.5.3 Preparing and implementing risk treatment plans
5.6 Monitoring and review
5.7 Recording the risk management process
Annex A (informative) Attributes of enhanced risk management
Bibliography

This is a free 9 page sample. Access the full version online.

INTRODUCTION

Organizations of any kind face internal and external factors and influences that make it uncertain whether, when and the extent to which they will achieve or exceed their objectives. The effect this uncertainty has on the organization’s objectives is “risk”.

All activities of an organization involve risk. Organizations manage risk by anticipating, understanding and deciding whether to modify it. Throughout this process they communicate and consult with stakeholders and monitor and review the risk and the controls that are modifying the risk.
This Standard describes this systematic and logical process in detail.

This is a new standard for managing risk that supersedes AS/NZS 4360:2004. It builds upon the processes contained in the superseded standard.

While all organizations manage risk to some degree, this Standard establishes a number of principles that need to be satisfied before risk management will be effective. This Standard recommends that organizations should have a framework that integrates the process for managing risk into the organization's overall governance, strategy and planning, management, reporting processes, policies, values and culture.

Risk management can be applied across an entire organization, to its many areas and levels, as well as to specific functions, projects and activities.

Although the practice of risk management has been developed over time and within many sectors to meet diverse needs, the adoption of consistent processes within a comprehensive framework helps ensure that risk is managed effectively, efficiently and coherently across an organization. The generic approach described in this Standard provides the principles and guidelines for managing any form of risk in a systematic, transparent and credible manner and within any scope and context.

The relationship between the principles for managing risk, the framework in which it occurs and the risk management process described in this Standard is shown in Figure 1.

When implemented and maintained in accordance with this Standard, the management of risk enables all organizations to, for example—

(a) increase the likelihood of achieving objectives;

(b) encourage proactive management;

(c) be aware of the need to identify and treat risk throughout the organization;

(d) improve the identification of opportunities and threats;

(e) achieve compatible risk management practices between organizations and nations;

(f) comply with relevant legal and regulatory requirements and international norms;

(g) improve financial reporting;

(h) improve governance;

(i) improve stakeholder confidence and trust;

(j) establish a reliable basis for decision making and planning;

(k) improve controls;

(l) effectively allocate and use resources for risk treatment;

(m) improve operational effectiveness and efficiency;

(n) enhance health and safety performance as well as environmental protection;

(o) improve loss prevention and incident management;

(p) minimize losses;

(q) improve organizational learning; and

(r) improve organizational resilience.

This Standard is intended to meet the needs of a wide range of stakeholders including—

(i) those accountable for achieving objectives and therefore ensuring that risk is effectively managed within the organization as a whole or within a specific area, project or activity;

(ii) those responsible for developing risk management policy within their organization;

(iii) those who need to evaluate an organization's effectiveness in managing risk; and

(iv) developers of standards, guides, procedures, and codes of practice that in whole or in part set out how risk is to be managed within the specific context of these documents.

Organizations with existing risk management processes can use this Standard to critically review, align and improve their existing practices. Those whose risk management framework has been based on AS/NZS 4360:2004 will thereby benefit from the additional concepts and practices in this Standard.

In this Standard, the expressions “risk management” and “managing risk” are both used. In general terms, “risk management” refers to the architecture (principles, framework and process) for managing risks effectively, and “managing risk” refers to applying that architecture to particular risks.

[Figure 1 panels, as recovered from the diagram]

Principles (Clause 3): a) Creates value; b) Integral part of organizational processes; c) Part of decision making; d) Explicitly addresses uncertainty; e) Systematic, structured and timely; f) Based on the best available information; g) Tailored; h) Takes human and cultural factors into account; i) Transparent and inclusive; j) Dynamic, iterative and responsive to change; k) Facilitates continual improvement and enhancement of the organization.

Framework (Clause 4): Mandate and commitment (4.2); Design of framework for managing risk (4.3); Implementing risk management (4.4); Monitoring and review of the framework (4.5); Continual improvement of the framework (4.6).

Process (Clause 5): Communication and consultation (5.2); Establishing the context (5.3); Risk assessment (5.4), comprising Risk identification (5.4.2), Risk analysis (5.4.3) and Risk evaluation (5.4.4); Risk treatment (5.5); Monitoring and review (5.6).

Figure 1 — Relationships between the risk management principles, framework and process

Risk management—Principles and guidelines

1 Scope

This International Standard provides principles and generic guidelines on risk management. This International Standard can be used by any public, private or community enterprise, association, group or individual. Therefore, this International Standard is not specific to any industry or sector.

NOTE For convenience, all the different users of this International Standard are referred to by the general term “organization”.

This International Standard can be applied throughout the life of an organization, and to a wide range of activities, including strategies and decisions, operations, processes, functions, projects, products, services and assets.

This International Standard can be applied to any type of risk, whatever its nature, whether having positive or negative consequences.

Although this International Standard provides generic guidelines, it is not intended to promote uniformity of risk management across organizations. The design and implementation of risk management plans and frameworks will need to take into account the varying needs of a specific organization, its particular objectives, context, structure, operations, processes, functions, projects, products, services, or assets and specific practices employed.

It is intended that this International Standard be utilized to harmonize risk management processes in existing and future standards. It provides a common approach in support of standards dealing with specific risks and/or sectors, and does not replace those standards.

This International Standard is not intended for the purpose of certification.

2 Terms and definitions

For the purposes of this document, the following terms and definitions apply.

2.1 risk

effect of uncertainty on objectives

NOTE 1 An effect is a deviation from the expected — positive and/or negative.

NOTE 2 Objectives can have different aspects (such as financial, health and safety, and environmental goals) and can apply at different levels (such as strategic, organization-wide, project, product and process).

NOTE 3 Risk is often characterized by reference to potential events (2.17) and consequences (2.18), or a combination of these.

NOTE 4 Risk is often expressed in terms of a combination of the consequences of an event (including changes in circumstances) and the associated likelihood (2.19) of occurrence.