Implementation of Enterprise Risk Management
with ISO 31000 Risk Management Standard
By
M.Youssef.K
Corporate Consultant & Trainer
MS PM, MS CS, LSSMBB, CPQS
ISO 21500, ISO 13053, ISO 50001 Certified
Six Sigma Associates
Islamabad Chapter
Islamabad - Pakistan
M.Youssef K
Six Sigma Associates
M.Youssef K is an executive consultant & trainer with several qualifications. He is an accomplished expert with over 10 years’ experience in the field of risk management, project and program management, PRINCE 2, Agile, EVM, business process analysis and design, as well as operational and organizational excellence.
92-306-5252528
6sigmapk@gmail.com www.sixsigmaassociates.co.uk/sixsigma
https://pk.linkedin.com/in/projectmanagementpk
Why talk about risk?
● Risk is something that we all face every day.
● As a company, we have to take risks in pursuit of our commercial objectives.
● To raise awareness that we all have to manage risk as part of our daily working lives as well as personal.
What do we know about RM?
● RM is part of our everyday lives:
  ● Crossing the road – Risk of getting run over
  ● Managing our finances – Risk of going broke
  ● Purchase of insurance – Risk of fire, theft, storm
  ● Choosing to smoke – Risk of cancer
  ● Going for a swim – Risk of drowning
● The choices we make in choosing to accept these risks are part of who we are
Perception of risk – Simple Example
● Which method of transportation has the greatest fatality rate?
  ● By Boat
  ● By Air
  ● By Road – Car
  ● By Road – Motorbike
  ● Walking
  ● Cycling
  ● Train
Research results
● By Boat: 5th
● By Air: 7th
● By Road – Car: 4th
● By Road – Motorbike: 1st
● Walking: 2nd
● Cycling: 3rd
● Train: 6th
Our perceptions usually determine our view of the level of risk posed by an activity
Environmental Sources of Risks
[Diagram labels]
● Environments: Physical, Economic, Social, Political, Legal, Operational, Cognitive
● Exposures: Physical, Financial Asset, Human Asset, Legal Liability, Moral Liability
● Strategic, Programme, Operational, Project
● Org. Objectives
The Effect of Risk Control on Performance
[Chart: Performance (Low to High) against Level of Risk Control (Ignorant, Managing, Obsessed)]
Chart annotations:
● Exposed & destroying performance
● Managing risk to enhance performance
● Excessive controls minimise risk and constrain performance
What is ERM?
Enterprise Risk Management (ERM) is “a
process, effected by an entity’s board of
directors, management and other personnel,
applied in strategy-setting and across the
enterprise, designed to identify potential
events that may affect the entity, and manage
risk to be within its risk appetite, to provide
reasonable assurance regarding the
achievement of entity objectives.”
ERM Life Cycle
[Diagram labels]
● Components: Internal Environment; Event Identification; Risk Response; Control Activities; Objective Setting; Information & Communication; Risk Assessment; Monitoring
● Cycle: Culture; Identify and prioritize risks; Evaluate options; Evaluate Performance; Goal setting; Confirm next steps; Implement
ERM…
● Provides a comprehensive and systematic approach to more proactive and holistic risk management
● Provides a common lexicon of risk terminology, and provides direction and guidance for implementing ERM
● Requires that organizations examine their complete portfolio of risks, consider how those risks interrelate, and that management develops an appropriate risk mitigation approach to address these risks in a manner that is consistent with the organization’s strategy and risk appetite
ERM is not…
● A silver bullet to prevent risks from occurring
● A methodology or a checklist of items that need to be completed that guarantee results
● The only way organizations can take a more proactive approach to managing risk
Who Is Primarily Responsible for ERM?
Source: 2013 RIMS Enterprise Risk Management (ERM) Survey. All rights reserved.
What is Risk Management?
What Is Risk Management?
Risk is:
The effect of uncertainty on the ability of an organisation to
meet its objectives.
Risk management is:
The range of activities that an organisation intentionally
undertakes to understand and reduce these effects.
Effective risk management is:
Executing these activities efficiently and in a way that actually
and demonstrably improves the ability of the organisation to
meet its objectives in a repeatable fashion.
Why is it important?
● Risk affects all aspects of your project – your budget, your schedule, your scope, the agreed level of quality, and so on
● Increase probability of positive event.
● Reduce the occurrence of negative event.
What does it include?
● Risk Management Planning
● Risk Identification
● Qualitative Risk Analysis
● Quantitative Risk Analysis
● Risk Response Planning
● Risk Monitoring and Control
How is it done in project?
● Make Risk Management Part of Your Project
● Identify Risks Early in Your Project
● Communicate About Risks
● Consider Both Threats and Opportunities
● Clarify Ownership Issues
● Prioritise Risks
● Analyse Risks
● Plan and Implement Risk Responses
● Register Project Risks
● Track Risks and Associated Tasks
What Is ISO 31000?
ISO 31000:2009 is:
● An international standard that provides principles and
guidelines for effective risk management
● Not specific to any industry or sector
● Able to be applied to any kind of risk
● Able to be applied to any kind of organisation
● Intended to be tailored to meet the needs of the organisation
“The generic approach described in this Standard provides the
principles and guidelines for managing any form of risk in a
systematic, transparent and credible manner and within any
scope and context.”
ISO 31000:2009 - Scope
● Provides principles and generic guidelines on principles and implementation of risk management.
● Can be applied to any kind of organisation, risk type and is not specific to any industry or sector.
● Is NOT intended to be used for the purpose of certification.
ISO 31000:2009 - Users
ISO 31000:2009 is intended to be used by a wide range of stakeholders including:
● those responsible for implementing risk management within their organisation;
● those who need to ensure that an organisation manages risk;
● those who need to manage risk for the organisation as a whole or within a specific area or activity;
● those needing to evaluate an organisation’s practices in managing risk; and
● developers of standards, guides, procedures, and codes of practice that in whole or in part set out how risk is to be managed within the specific context of these documents
What Does ISO 31000 Cover?
ISO 31000:2009 contains:
● A set of risk management terms and their definitions
● A set of principles for guiding and informing effective risk
management for an enterprise
● An outline and process for creating a risk management
framework
● An outline and process for creating a risk management
process
ISO 31000 is:
● Clear
● Sensible
● Brief (24 pages)
2.0 ENTERPRISE OBJECTIVES - CORPORATE PLANNING PROCESS
[Diagram labels]
● CONTEXT OF ENTERPRISES OPERATIONS AT THE APPROPRIATE LEVEL OF THE ENTERPRISE
● CONDUCT
● STRATEGIC OBJECTIVE, OPERATIONAL OBJECTIVE, REPORTING OBJECTIVE, COMPLIANCE OBJECTIVE
● RISK EVENT (four boxes)
● RISK ANALYSIS
● RISK TREATMENT
● RISK EVALUATION
● MONITOR AND REVIEW
ISO 31000 Principles
● Creates value
● Integral part of organisational processes
● Part of decision making
● Explicitly addresses uncertainty
● Systematic, structured and timely
● Based on the best available information
● Tailored
● Takes human and cultural factors into account
● Transparent and inclusive
● Dynamic, iterative and responsive to change
● Facilitates continual improvement and enhancement of the organisation
Establish the risk assessment process
[Process flow diagram]
Establish the context
● The strategic context
● The organisational context
● The RM context
● Develop criteria
● Decide structure
Identify risks
● What can happen?
● How can it happen?
Analyse Risk
● Determine existing controls
● Determine likelihood
● Determine consequence
● Estimate level of risk
Evaluate risks
● Compare against criteria
● Set risk priorities
Accept Risk: Yes / No
Treat Risks
● Identify treatment options
● Evaluate treatment options
● Select treatment options
● Prepare treatment plans
● Implement plans
Monitor and review
Communicate and consult
Commit and Mandate
•Policy Statement
•Standards
•Guidelines
•RM Plan and RM Process
•Assurance Plan
Communicate & Train
•Stakeholder analysis
•Training needs analysis
•Communication strategy
•Training strategy
•Roles and Reporting
Structure & Accountability
•Board RM Committee
•Executive RM Group
•RM Working Group
•Facilitator for Risk Management
•RM Champions
•Risk and Control Owners
Review & Improve
•Control assurance
•RM Plan progress
•RM Maturity Evaluation
•RM KPIs
•Benchmarking
•Governance reporting
Framework Continuous Improvement Cycle
Management Information System
- Risk Registers - Treatment Plans
- Assurance Plan - Reporting templates
Framework Implementation
Process for Managing Risk
• Establish context
• Risk assessment: Identify risks, Analyse risks, Evaluate risks
• Treat risks
• Communicate and consult
• Monitor and review
ISO Overview
3 main clauses plus terminology from ISO Guide
Principles for managing risk (Clause 3)
a) Creates value
b) Integral part of organizational processes
c) Part of decision making
d) Explicitly addresses uncertainty
e) Systematic, structured and timely
f) Based on the best available information
g) Tailored
h) Takes human and cultural factors into account
i) Transparent and inclusive
j) Dynamic, iterative and responsive to change
k) Facilitates continual improvement and enhancement of the organization
Framework for managing risk (Clause 4)
4.2 Mandate and commitment
4.3 Design of framework for managing risk
4.4 Implementing risk management
4.5 Monitoring and review of the framework
4.6 Continual improvement of the framework
Process for managing risk (Clause 5)
Standard sort of Risk Matrix
Be careful, extremely careful, with risk matrices: works well at the understanding/communications level, BUT
[Matrix: Likelihood against Consequences; cells rated High, Medium or Low]
Likelihood:
● Very Likely (>.45)
● Likely (.45 - .19)
● Medium (.19 - .05)
● Unlikely (.05 - .011)
● Remote (< .011)
Consequences: Minor, Moderate, Major, Severe, Catastrophic
Risk levels plotted in structured Workshop with Experts, voting, Delphi…
Example risk register for a specific Strategic Objective – illustration only. Courtesy of the Food Company
Objective xx “Ready-to-Heat”: Aggressively grow and build the ready-to-heat business by expanding the product line (15% NSV growth & maintain shares above 30%) and broaden the availability of the product.
● Priority: yes
● Owner: Joe
● Risk Profile: High
Risks (uncertainties re Obj)
● Increase of aggressive competition from Rice Master and Fast Rice
● Aggressive year for growth target for the segment & brand
● Achieve new product growth targets
Control Activities
● Accelerate innovation
● Conduct competitor analysis session
Action Plan
● Jane to develop 2-3 innovation schemes within 2 months
● Joe to do market analysis
Callouts:
1. Identify initiatives and their associated descriptions with measurable objectives
2. Prioritize order of the key initiatives based on their contribution to achieving the overall financial and strategic objectives within the OP
3. Document the individual in charge of the given initiative
4. List of risks that could hinder the ability to meet the initiative’s objectives
5. List of planned activities that will modify the risks – match the treatment strategies to risk through the reference numbers
6. Management Team evaluates the probability of success in achieving this initiative’s overall objectives
7. Document the immediate next steps for effective initiative execution
Bow-Tie Risk Treatment Tool
Example of an integrated tool for RM Process
© Broadleaf Capital International, 2006
[Form fields]
2. Causes
3. Impacts
4. Existing Controls – Preventative (columns: Existing Preventative Controls, Control Owner)
5. Existing Controls – Reactive, Post Event (columns: Existing Reactive Controls, Control Owner)
Under each set of controls: Task (future controls), Task Owner, Due Date
6. Risk Control Effectiveness
7. Consequence rating
8. Likelihood rating
9. RISK RATING
10. Comments
11. Risk Owner
Risk Treatment
● Can involve:
  ● Avoiding the risk – not to start or continue an activity
  ● Taking or increasing risk in order to pursue an opportunity
  ● Removing the risk source
  ● Changing the likelihood
  ● Changing the consequences
  ● Transferring the risk or sharing with another party
  ● Retaining the risk by informed decision
Risk Management and ISO 31000
How Do I Apply ISO 31000?
When should I use ISO 31000?
● When you are asked to identify or assess risks
● When you are asked to manage risks
● When you are asked to assess a risk management framework
or process
How should I use ISO 31000
● Use it to frame the scope of the work
● Use it to guide the engagement
● Use it to create a risk management process
Risk Management and ISO 31000
ISO 31000 In Summary
• ISO 31000 gives you a structured, credible foundation for
discussions about risk and risk management.
• ISO 31000 gives you a starting point for a risk management
process if you don’t have one.
• ISO 31000 gives you a standard vocabulary for talking about
risks and risk management.
• ISO 31000 gives you a baseline for comparisons and
assessments of risk management processes.
Benefits of Implementing the International RM Standards
● Increase likelihood of achieving objectives
● Encourage proactive management
● Improve awareness of need to identify and treat risk throughout the organisation
● Improve the identification of opportunities and threats
● Comply with legal and regulatory requirement and international norms
● Improve mandatory and voluntary reporting
● Improve governance
● Improve stakeholder confidence and trust
● Establish a reliable basis for decision making and planning
● Improve control
● Effectively allocate and use resources for risk treatment
● Improve operational effectiveness and efficiency
● Enhance health and safety performance, as well as environmental protection
● Improve loss prevention and incident management
● Minimize losses
● Improve organisational learning
● Improve organizational resilience
Countries with Highest Level of Awareness of ISO 31000
“Fully understand ISO 31000”
● Australia (65%)
● New Zealand (47%)
● Canada (42%)
● United Arab Emirates (37%)
● Brazil (28%)
● South Africa (26%)
● Spain (21%)
● Netherlands (21%)
● United Kingdom (21%)
● Finland (18%)
● Italy (14%)
● France (13%)
● USA (11%)
Risk Management is Evolving into Risk Leadership
• Risk management will continue to assume a higher priority
• Strong board involvement required to facilitate strategic and
enterprise risk
• More energy devoted to risk appetite, tracking, measuring and
analysing
Position
• Risk ownership and communication at all levels
• Links between risk management, strategic planning and
management
• Communication between the board and risk management
• Risk-based incentives
• Risk management talent pool with the right talent
• Risk forecasting
Challenges
• Evidence that well risk managed businesses are more resilient and
profitable
• Risk management will be viewed as a profession
• Predicted that there will be fewer but more senior professionals
• Risk management will mature and move towards first line
management
Opportunities
• Professional certification
• Knowledge
• Experience
• Ethics
• Continuing professional development
Profession is Hard to
Define – Similarities to
Non-executive Directors
QUESTIONS?
THANK YOU
PECB
 
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
PECB
 
Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...
Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...
Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...
PECB
 
Student Information Session University CREST ADVISORY AFRICA
Student Information Session University CREST ADVISORY AFRICA Student Information Session University CREST ADVISORY AFRICA
Student Information Session University CREST ADVISORY AFRICA
PECB
 
IT Governance and Information Security – How do they map?
IT Governance and Information Security – How do they map?IT Governance and Information Security – How do they map?
IT Governance and Information Security – How do they map?
PECB
 
Information Session University Egybyte.pptx
Information Session University Egybyte.pptxInformation Session University Egybyte.pptx
Information Session University Egybyte.pptx
PECB
 
Student Information Session University Digital Encode.pptx
Student Information Session University Digital Encode.pptxStudent Information Session University Digital Encode.pptx
Student Information Session University Digital Encode.pptx
PECB
 
Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023
PECB
 

More from PECB (20)

Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
DORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of Cybersecurity
DORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of CybersecurityDORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of Cybersecurity
DORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of Cybersecurity
 
Securing the Future: ISO/IEC 27001, ISO/IEC 42001, and AI Governance
Securing the Future: ISO/IEC 27001, ISO/IEC 42001, and AI GovernanceSecuring the Future: ISO/IEC 27001, ISO/IEC 42001, and AI Governance
Securing the Future: ISO/IEC 27001, ISO/IEC 42001, and AI Governance
 
ISO/IEC 27032, ISO/IEC 27002, and CMMC Frameworks - Achieving Cybersecurity M...
ISO/IEC 27032, ISO/IEC 27002, and CMMC Frameworks - Achieving Cybersecurity M...ISO/IEC 27032, ISO/IEC 27002, and CMMC Frameworks - Achieving Cybersecurity M...
ISO/IEC 27032, ISO/IEC 27002, and CMMC Frameworks - Achieving Cybersecurity M...
 
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ...
 
ISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks Effectively
ISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks EffectivelyISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks Effectively
ISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks Effectively
 
Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...
Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...
Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re...
 
ISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital Transformation
ISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital TransformationISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital Transformation
ISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital Transformation
 
Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulations
Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulationsManaging ISO 31000 Framework in AI Systems - The EU ACT and other regulations
Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulations
 
Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?
Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?
Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?
 
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
 
How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...
How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...
How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...
 
Student Information Session University KTMC
Student Information Session University KTMC Student Information Session University KTMC
Student Information Session University KTMC
 
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a...
 
Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...
Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...
Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an...
 
Student Information Session University CREST ADVISORY AFRICA
Student Information Session University CREST ADVISORY AFRICA Student Information Session University CREST ADVISORY AFRICA
Student Information Session University CREST ADVISORY AFRICA
 
IT Governance and Information Security – How do they map?
IT Governance and Information Security – How do they map?IT Governance and Information Security – How do they map?
IT Governance and Information Security – How do they map?
 
Information Session University Egybyte.pptx
Information Session University Egybyte.pptxInformation Session University Egybyte.pptx
Information Session University Egybyte.pptx
 
Student Information Session University Digital Encode.pptx
Student Information Session University Digital Encode.pptxStudent Information Session University Digital Encode.pptx
Student Information Session University Digital Encode.pptx
 
Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023
 

Recently uploaded

special B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdfspecial B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdf
Special education needs
 
Unit 8 - Information and Communication Technology (Paper I).pdf
Unit 8 - Information and Communication Technology (Paper I).pdfUnit 8 - Information and Communication Technology (Paper I).pdf
Unit 8 - Information and Communication Technology (Paper I).pdf
Thiyagu K
 
Instructions for Submissions thorugh G- Classroom.pptx
Instructions for Submissions thorugh G- Classroom.pptxInstructions for Submissions thorugh G- Classroom.pptx
Instructions for Submissions thorugh G- Classroom.pptx
Jheel Barad
 
The geography of Taylor Swift - some ideas
The geography of Taylor Swift - some ideasThe geography of Taylor Swift - some ideas
The geography of Taylor Swift - some ideas
GeoBlogs
 
Introduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp NetworkIntroduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp Network
TechSoup
 
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
siemaillard
 
Overview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with MechanismOverview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with Mechanism
DeeptiGupta154
 
Lapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdfLapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdf
Jean Carlos Nunes Paixão
 
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXXPhrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
MIRIAMSALINAS13
 
How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17
Celine George
 
Digital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and ResearchDigital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and Research
Vikramjit Singh
 
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
Nguyen Thanh Tu Collection
 
The Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptxThe Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptx
DhatriParmar
 
"Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe..."Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe...
SACHIN R KONDAGURI
 
Palestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptxPalestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptx
RaedMohamed3
 
Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.
Ashokrao Mane college of Pharmacy Peth-Vadgaon
 
Embracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic ImperativeEmbracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic Imperative
Peter Windle
 
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCECLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
BhavyaRajput3
 
CACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdfCACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdf
camakaiclarkmusic
 
678020731-Sumas-y-Restas-Para-Colorear.pdf
678020731-Sumas-y-Restas-Para-Colorear.pdf678020731-Sumas-y-Restas-Para-Colorear.pdf
678020731-Sumas-y-Restas-Para-Colorear.pdf
CarlosHernanMontoyab2
 

Recently uploaded (20)

special B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdfspecial B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdf
 
Unit 8 - Information and Communication Technology (Paper I).pdf
Unit 8 - Information and Communication Technology (Paper I).pdfUnit 8 - Information and Communication Technology (Paper I).pdf
Unit 8 - Information and Communication Technology (Paper I).pdf
 
Instructions for Submissions thorugh G- Classroom.pptx
Instructions for Submissions thorugh G- Classroom.pptxInstructions for Submissions thorugh G- Classroom.pptx
Instructions for Submissions thorugh G- Classroom.pptx
 
The geography of Taylor Swift - some ideas
The geography of Taylor Swift - some ideasThe geography of Taylor Swift - some ideas
The geography of Taylor Swift - some ideas
 
Introduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp NetworkIntroduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp Network
 
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
 
Overview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with MechanismOverview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with Mechanism
 
Lapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdfLapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdf
 
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXXPhrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
 
How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17
 
Digital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and ResearchDigital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and Research
 
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
 
The Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptxThe Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptx
 
"Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe..."Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe...
 
Palestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptxPalestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptx
 
Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.
 
Embracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic ImperativeEmbracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic Imperative
 
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCECLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
 
CACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdfCACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdf
 
678020731-Sumas-y-Restas-Para-Colorear.pdf
678020731-Sumas-y-Restas-Para-Colorear.pdf678020731-Sumas-y-Restas-Para-Colorear.pdf
678020731-Sumas-y-Restas-Para-Colorear.pdf
 

Implementation of Enterprise Risk Management with ISO 31000 Risk Management Standard

  • 1. Implementation of Enterprise Risk Management with ISO 31000 Risk Management Standard By M.Youssef.K Corporate Consultant & Trainer MS PM, MS CS, LSSMBB, CPQS ISO 21500, ISO 13053, ISO 50001 Certified Six Sigma Associates Islamabad Chapter Islamabad - Pakistan
  • 2. M.Youssef K Six Sigma Associates M.Youssef K is an executive consultant & trainer with several qualifications. He is an accomplished expert with over 10 years’ experience in the field of risk management, project and program management, PRINCE 2, Agile, EVM, business process analysis and design, as well as operational and organizational excellence 92-306-5252528 6sigmapk@gmail.com www.sixsigmaassociates.co.uk/sixsigma https://pk.linkedin.com/in/projectmanagementpk
  • 3. Why talk about risk?
      - Risk is something that we all face every day.
      - As a company, we have to take risks in pursuit of our commercial objectives.
      - To raise awareness that we all have to manage risk as part of our daily working lives as well as personal.
  • 4. What do we know about RM?
      - RM is part of our everyday lives:
          - Crossing the road – Risk of getting run over
          - Managing our finances – Risk of going broke
          - Purchase of insurance – Risk of fire, theft, storm
          - Choosing to smoke – Risk of cancer
          - Going for a swim – Risk of drowning
      - The choices we make in choosing to accept these risks are part of who we are
  • 5. Perception of risk – Simple Example
      - Which method of transportation has the greatest fatality rate?
          - By Boat
          - By Air
          - By Road – Car
          - By Road – Motorbike
          - Walking
          - Cycling
          - Train
  • 6. Research results
      - By Boat: 5th
      - By Air: 7th
      - By Road – Car: 4th
      - By Road – Motorbike: 1st
      - Walking: 2nd
      - Cycling: 3rd
      - Train: 6th
  • 7. Our perceptions usually determine our view of the level of risk posed by an activity
  • 8.
  • 10. The Effect of Risk Control on Performance: Managing Risk to Enhance Performance
      [Figure: Performance plotted against Level of Risk Control (Low to High), with zones labelled Ignorant, Managing and Obsessed. Annotations: "Exposed & destroying performance"; "Managing risk to enhance performance"; "Excessive controls minimise risk and constrain performance".]
  • 11. What is ERM? Enterprise Risk Management (ERM) is “a process, effected by an entity’s board of directors, management and other personnel, applied in strategy-setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.”
  • 12. ERM Life Cycle
      [Diagram labels: Internal Environment; Event Identification; Risk Response; Control Activities; Objective Setting; Information & Communication; Risk Assessment; Monitoring; Culture; Identify and prioritize risks; Evaluate options; Evaluate Performance; Goal setting; Confirm next steps; Implement]
  • 13. ERM…
      - Provides a comprehensive and systematic approach to more proactive and holistic risk management
      - Provides a common lexicon of risk terminology, and provides direction and guidance for implementing ERM
      - Requires that organizations examine their complete portfolio of risks, consider how those risks interrelate, and that management develops an appropriate risk mitigation approach to address these risks in a manner that is consistent with the organization’s strategy and risk appetite
  • 14. ERM is not…
      - A silver bullet to prevent risks from occurring
      - A methodology or a checklist of items that need to be completed that guarantee results
      - The only way organizations can take a more proactive approach to managing risk
  • 15. Who Is Primarily Responsible for ERM? Source: 2013 RIMS Enterprise Risk Management (ERM) Survey. All rights reserved.
  • 16. What is Risk Management?
  • 17. What Is Risk Management? Risk is: The effect of uncertainty on the ability of an organisation to meet its objectives. Risk management is: The range of activities that an organisation intentionally undertakes to understand and reduce these effects. Effective risk management is: Executing these activities efficiently and in a way that actually and demonstrably improves the ability of the organisation to meet its objectives in a repeatable fashion.
  • 18. Why is it important?
      - Risk affects all aspects of your project – your budget, your schedule, your scope, the agreed level of quality, and so on
      - Increase probability of positive event.
      - Reduce the occurrence of negative event.
  • 19. What does it include?
      - Risk Management Planning
      - Risk Identification
      - Qualitative Risk Analysis
      - Quantitative Risk Analysis
      - Risk Response Planning
      - Risk Monitoring and Control
  • 20. How is it done in project?
      - Make Risk Management Part of Your Project
      - Identify Risks Early in Your Project
      - Communicate About Risks
      - Consider Both Threats and Opportunities
      - Clarify Ownership Issues
      Contd.
  • 21. How is it done in project?
      - Prioritise Risks
      - Analyse Risks
      - Plan and Implement Risk Responses
      - Register Project Risks
      - Track Risks and Associated Tasks
  • 22. What Is ISO 31000?
      ISO 31000:2009 is:
      - An international standard that provides principles and guidelines for effective risk management
      - Not specific to any industry or sector
      - Able to be applied to any kind of risk
      - Able to be applied to any kind of organisation
      - Intended to be tailored to meet the needs of the organisation
      “The generic approach described in this Standard provides the principles and guidelines for managing any form of risk in a systematic, transparent and credible manner and within any scope and context.”
  • 23. ISO 31000:2009 - Scope
      - Provides principles and generic guidelines on principles and implementation of risk management.
      - Can be applied to any kind of organisation, risk type and is not specific to any industry or sector.
      - Is NOT intended to be used for the purpose of certification.
  • 24. ISO 31000:2009 - Users
      ISO 31000:2009 is intended to be used by a wide range of stakeholders including:
      - those responsible for implementing risk management within their organisation;
      - those who need to ensure that an organisation manages risk;
      - those who need to manage risk for the organisation as a whole or within a specific area or activity;
      - those needing to evaluate an organisation’s practices in managing risk; and
      - developers of standards, guides, procedures, and codes of practice that in whole or in part set out how risk is to be managed within the specific context of these documents
  • 25. What Does ISO 31000 Cover?
      ISO 31000:2009 contains:
      - A set of risk management terms and their definitions
      - A set of principles for guiding and informing effective risk management for an enterprise
      - An outline and process for creating a risk management framework
      - An outline and process for creating a risk management process
      ISO 31000 is:
      - Clear
      - Sensible
      - Brief (24 pages)
  • 26. 2.0 ENTERPRISE OBJECTIVES - CORPORATE PLANNING PROCESS CONTEXT OF ENTERPRISES OPERATIONS AT THE APPROPRIATE LEVEL OF THE ENTERPRISE CONDUCT 27 STRATEGIC OBJECTIVE OPERATIONAL OBJECTIVE REPORTING OBJECTIVE COMPLIANCE OBJECTIVE RISK EVENT RISK EVENT RISK EVENT RISK EVENT RISK ANALYSIS RISK TREATMENT RISK EVALUATION MONITOR AND REVIEW
  • 27. ISO 31000 Principles
      - Creates value
      - Integral part of organisational processes
      - Part of decision making
      - Explicitly addresses uncertainty
      - Systematic, structured and timely
      - Based on the best available information
      - Tailored
      - Takes human and cultural factors into account
      Contd.
  • 28. ISO 31000 Principles
      - Transparent and inclusive
      - Dynamic, iterative and responsive to change
      - Facilitates continual improvement and enhancement of the organisation
  • 29. Establish the context
      - The strategic context
      - The organisational context
      - The RM context
      - Develop criteria
      - Decide structure
      Identify risks
      - What can happen?
      - How can it happen?
      Analyse Risk
      - Determine existing controls
      - Determine likelihood
      - Determine consequence
      - Estimate level of risk
      Evaluate risks
      - Compare against criteria
      - Set risk priorities
      Accept Risk: Yes / No
      Treat Risks
      - Identify treatment options
      - Evaluate treatment options
      - Select treatment options
      - Prepare treatment plans
      - Implement plans
      Monitor and review
      Communicate and consult
      Establish the risk assessment process
  • 30. Commit and Mandate • Policy Statement • Standards • Guidelines • RM Plan and RM Process • Assurance Plan Communicate & Train • Stakeholder analysis • Training needs analysis • Communication strategy • Training strategy • Roles and Reporting Structure & Accountability • Board RM Committee • Executive RM Group • RM Working Group • Facilitator for Risk Management • RM Champions • Risk and Control Owners Review & Improve • Control assurance • RM Plan progress • RM Maturity Evaluation • RM KPIs • Benchmarking • Governance reporting Framework Continuous Improvement Cycle Management Information System - Risk Registers - Treatment Plans - Assurance Plan - Reporting templates Framework Implementation Establish context Identify risks Analyse risks Evaluate risks Treat risks Communicate and consult Monitor and review Risk assessment Process for Managing Risk Framework Implementation Framework Continuous Improvement Cycle
  • 31. ISO Overview: 3 main clauses plus terminology from ISO Guide
      Principles for managing risk (Clause 3)
      a) Creates value
      b) Integral part of organizational processes
      c) Part of decision making
      d) Explicitly addresses uncertainty
      e) Systematic, structured and timely
      f) Based on the best available information
      g) Tailored
      h) Takes human and cultural factors into account
      i) Transparent and inclusive
      j) Dynamic, iterative and responsive to change
      k) Facilitates continual improvement and enhancement of the organization
      Framework for managing risk (Clause 4)
      - 4.2 Mandate and commitment
      - 4.4 Implementing risk management
      - 4.3 Design of framework for managing risk
      - 4.6 Continual improvement of the framework
      - 4.5 Monitoring and review of the framework
      Process for managing risk (Clause 5)
  • 32. Standard sort of Risk Matrix
      Works well at the understanding/communications level, BUT be careful, extremely careful, with risk matrices.
      Likelihood: Very Likely (>.45); Likely (.45 - .19); Medium (.19 - .05); Unlikely (.05 - .011); Remote (< .011)
      Consequences: Minor; Moderate; Major; Severe; Catastrophic
      Risk levels: High; Medium; Low
      Risk levels plotted in structured Workshop with Experts, voting, Delphi…
  • 33. Example risk register for a specific Strategic Objective – illustration only. Courtesy of the Food Company
      Objective xx “Ready-to-Heat”: Aggressively grow and build the ready-to-heat business by expanding the product line (15% NSV growth & maintain shares above 30%) and broaden the availability of the product.
      Priority: yes
      Owner: Joe
      Risk Profile: High
      Risks (uncertainties re Obj):
      - Increase of aggressive competition from Rice Master and Fast Rice
      - Aggressive year for growth target for the segment & brand
      - Achieve new product growth targets
      Control Activities:
      - Accelerate innovation
      - Conduct competitor analysis session
      Action Plan:
      - Jane to develop 2-3 innovation schemes within 2 months
      - Joe to do market analysis
      Reference numbers as extracted from the slide: 1 2 3 1,2,3 1
      Callouts:
      1. Identify initiatives and their associated descriptions with measurable objectives
      2. Prioritize order of the key initiatives based on their contribution to achieving the overall financial and strategic objectives within the OP
      3. Document the individual in charge of the given initiative
      4. List of risks that could hinder the ability to meet the initiative’s objectives
      5. List of planned activities that will modify the risks – match the treatment strategies to risk through the reference numbers
      6. Management Team evaluates the probability of success in achieving this initiative’s overall objectives
      7. Document the immediate next steps for effective initiative execution
  • 34. Bow-Tie Risk Treatment Tool: Example of an integrated tool for RM Process. © Broadleaf Capital International, 2006
      Numbered fields on the form:
      - 2. Causes
      - 3. Impacts
      - 4. Existing Controls: Preventative
      - 5. Existing Controls: Reactive – Post Event
      - 6. Risk Control Effectiveness
      - 7. Consequence rating
      - 8. Likelihood rating
      - 9. RISK RATING
      - 10. Comments
      - 11. Risk Owner
      Table columns: Existing Preventative Controls, Control Owner; Existing Reactive Controls, Control Owner; Task (future controls), Task Owner, Due Date (on both the preventative and the reactive side)
  • 35. Risk Treatment
      Can involve:
      - Avoiding the risk – not to start or continue an activity
      - Taking or increasing risk in order to pursue an opportunity
      - Removing the risk source
      - Changing the likelihood
      - Changing the consequences
      - Transferring the risk or sharing with another party
      - Retaining the risk by informed decision
  • 36. Risk Management and ISO 31000: How Do I Apply ISO 31000?
      When should I use ISO 31000?
      - When you are asked to identify or assess risks
      - When you are asked to manage risks
      - When you are asked to assess a risk management framework or process
      How should I use ISO 31000?
      - Use it to frame the scope of the work
      - Use it to guide the engagement
      - Use it to create a risk management process
  • 37. Risk Management and ISO 31000: ISO 31000 In Summary
      - ISO 31000 gives you a structured, credible foundation for discussions with about risk and risk management.
      - ISO 31000 gives you a starting point for a risk management process if you don’t have one.
      - ISO 31000 gives you a standard vocabulary for talking about risks and risk management.
      - ISO 31000 gives you a baseline for comparisons and assessments of risk management processes.
  • 38. Benefits of Implementing the International RM Standards
      - Increase likelihood of achieving objectives
      - Encourage proactive management
      - Improve awareness of need to identify and treat risk throughout the organisation
      - Improve the identification of opportunities and threats
      - Comply with legal and regulatory requirements and international norms
      - Improve mandatory and voluntary reporting
      Contd.
  • 39. Benefits of Implementing the International RM Standards
      - Improve governance
      - Improve stakeholder confidence and trust
      - Establish a reliable basis for decision making and planning
      - Improve control
      - Effectively allocate and use resources for risk treatment
      - Improve operational effectiveness and efficiency
      - Enhance health and safety performance, as well as environmental protection
      Contd.
  • 40. Benefits of Implementing the International RM Standards
      - Improve loss prevention and incident management
      - Minimize losses
      - Improve organisational learning
      - Improve organizational resilience
  • 41. Countries with Highest Level of Awareness of ISO 31000 (“Fully understand ISO 31000”)
      - Australia (65%)
      - New Zealand (47%)
      - Canada (42%)
      - United Arab Emirates (37%)
      - Brazil (28%)
      - South Africa (26%)
      - Spain (21%)
      - Netherlands (21%)
      - United Kingdom (21%)
      - Finland (18%)
      - Italy (14%)
      - France (13%)
      - USA (11%)
  • 42. Risk Management is Evolving into Risk Leadership
      Position
      - Risk management will continue to assume a higher priority
      - Strong board involvement required to facilitate strategic and enterprise-risk
      - More energy devoted to risk appetite, tracking, measuring and analysing
      Challenges
      - Risk ownership and communication at all levels
      - Links between risk management, strategic planning and management
      - Communication between the board and risk management
      - Risk-based incentives
      - Risk management talent pool with the right talent
      - Risk forecasting
      Opportunities
      - Evidence that well risk managed businesses are more resilient and profitable
      - Risk management will be viewed as a profession
      - Predicted that there will be fewer but more senior professionals
      - Risk management will mature and move towards first line management
      Profession is Hard to Define – Similarities to Non-executive Directors
      - Professional certification
      - Knowledge
      - Experience
      - Ethics
      - Continuing professional development