© March 2018 Bureau Veritas
•Continuity and Resilience (CORE)
•ISO 22301 BCM Consulting Firm
•Presentations by speakers at the 7th ME Business & IT Resilience Summit
March 11, 2018 at The Address Hotel, Dubai Mall, Dubai, UAE
Our Contact Details:
UAE
Continuity and Resilience
Website: www.coreconsulting.ae
Tel: +971 2 6594006
PO Box: 25722, Abu Dhabi, United Arab Emirates
Email: info@continuityandresilience.com
INDIA
Continuity and Resilience
Tel: +91 11 41055534 | Direct: +91 11 6467 9380
Email: info@continuityandresilience.com
Website: www.coreconsulting.ae
Level 15, Eros Corporate Towers, Nehru Place, New Delhi – 110019, India
IMPLEMENTING RISK MANAGEMENT SYSTEM
(Based on ISO 31000: 2018 Risk Management – Guidelines)
Managing Risk
The Challenge !!!
►We live in an ever-changing world
where we are forced to deal with
uncertainty every day.
Why ?
Organizations of all types and sizes
face external and internal factors and
influences that make it uncertain
whether they will achieve their
objectives.
Managing Risk
Success
What Predicts Success ??
►How an organization tackles that
uncertainty can be a key predictor of
its success.
Source : ISO 31000
Why Risk Management ?
Preparing for and responding to negative
events, from the predictable to the unforeseen,
from the mundane to the catastrophic, has
become a fact of life for businesses and
governments around the world.
Tackling these risks requires an integrated
and holistic framework with the capability to
identify, evaluate and adequately define
responses to the circumstances.
This holistic approach gives organizations a
better framework for mitigating risk while
advancing their goals and opportunities in the
face of business threats.
Source : ISO 31000
Why ISO 31000 ?
►Risk is a necessary part of doing business and in a world
where enormous amounts of data are being processed at
increasingly rapid rates, identifying and mitigating risks is a
challenge for any company.
►Many contracts and insurance agreements require solid
evidence of good risk management practice.
►ISO 31000 provides direction on how companies can
integrate risk-based decision making into an organization’s
governance, planning, management, reporting, policies, values
and culture.
Source : ISO 31000
ISO 31000:2018 Risk management
►This provides guidelines on managing risk faced by
organizations.
►The application of these guidelines can be
customized to any organization and its context.
►This document provides a common approach to
managing any type of risk and is not industry or sector
specific.
►This document can be used throughout the life of the
organization and can be applied to any
activity, including decision-making at all levels.
Source : ISO 31000
Implementing Risk Management
►is iterative and assists organizations in setting strategy,
achieving objectives and making informed decisions.
►is part of governance and leadership, and is fundamental to how
the organization is managed at all levels. It contributes to the
improvement of management systems.
►is part of all activities associated with an organization and
includes interaction with stakeholders.
►considers the external and internal context of the organization,
including human behaviour and cultural factors.
►is based on the principles, framework and process.
►These components might already exist in full or in part within the
organization; however, they might need to be adapted or improved
so that managing risk is efficient, effective and consistent.
Source : ISO 31000
Principles, framework and process
Step 1 Define Risk Management Principles
►The purpose of risk management is the
creation and protection of value.
► It improves performance, encourages
innovation and supports the
achievement of objectives.
Source : ISO 31000
ISO 31000
Principles for risk management
►Risk management creates and protects value
Contributes to the demonstrable achievement of objectives and
improvement of performance in, for example, human health and
safety, security, legal and regulatory compliance, public
acceptance, environmental protection, product quality, project
management, efficiency in operations, governance and reputation.
►Risk management is an integral part of all organizational processes
Part of the responsibilities of management and of all organizational
processes including strategic planning and project and change
management processes.
►Risk management is part of decision making
Helps decision makers make informed choices, prioritize actions
and distinguish among alternative courses of action.
►Risk management explicitly addresses uncertainty
Takes account of uncertainty, the nature of that uncertainty, and
how it can be addressed.
Source : ISO 31000
Principles for risk management, continued ..
►Risk management is systematic, structured and timely
A systematic, timely and structured approach contributes to efficiency
and to consistent, comparable and reliable results.
►Risk management is based on the best available information
The inputs to the process are based on information sources such as
historical data, experience, stakeholder feedback, observation, forecasts
and expert judgment.
►Risk management is tailored
It is aligned with the organization's external and internal context and risk
profile.
►Risk management takes human and cultural factors into account
Recognizes the capabilities, perceptions and intentions of external and
internal people that can facilitate or hinder achievement of the
organization's objectives.
Source : ISO 31000
Principles for risk management, continued …
►Risk management is transparent and inclusive.
Appropriate and timely involvement of stakeholders and, in particular,
decision makers at all levels of the organization, ensures that risk
management remains relevant and up-to-date. Involvement also allows
stakeholders to be properly represented and to have their views taken into
account in determining risk criteria.
►Risk management is dynamic, iterative and responsive to change.
Risk management continually senses and responds to change. As external
and internal events occur, context and knowledge change, monitoring and
review of risks take place, new risks emerge, some change, and others
disappear.
►Risk management facilitates continual improvement of the
organization
Organizations should develop and implement strategies to improve their
risk management maturity alongside all other aspects of their organization.
Source : ISO 31000
Step 2 Develop Risk Management Framework
•The purpose of the risk management
framework is to assist the organization in
integrating risk management into
significant activities and functions.
•The effectiveness of risk management will
depend on its integration into the
governance of the organization, including
decision-making.
•This requires support from stakeholders,
particularly top management.
•Framework development encompasses
integrating, designing, implementing,
evaluating and improving risk management
across the organization.
Components of Framework
Source : ISO 31000
Step 3 Establish Risk Management process
The risk management process involves the
systematic application of policies,
procedures and practices to the activities
of :
•Communicating and consulting,
•Establishing the context and
•Assessing, treating, monitoring,
•Reviewing, recording and
•Reporting risk.
Source : ISO 31000
Establish Risk Management process
•The risk management process should
be an integral part of management and
decision-making and integrated into the
structure, operations and processes of
the organization.
•It can be applied at strategic,
operational, programme or project
levels.
Source : ISO 31000
Step 4 Communication and consultation
Communication and consultation aims
to:
•bring different areas of expertise
together for each step of the risk
management process;
•ensure that different views are
appropriately considered when defining
risk criteria and when evaluating risks;
• provide sufficient information to
facilitate risk oversight and decision-
making;
•build a sense of inclusiveness and
ownership among those affected by risk.
Source : ISO 31000
Step 5 Establishing the context
•The purpose of establishing the scope,
the context and criteria is to customize
the risk management process, enabling
effective risk assessment and
appropriate risk treatment.
•Scope, context and criteria involve
defining the scope of the process, and
understanding the external and internal
context.
Source : ISO 31000
Step 6 Perform Risk assessment
•Risk assessment is the overall process
of risk identification, risk analysis and
risk evaluation.
•Risk assessment should be conducted
systematically, iteratively and
collaboratively, drawing on the
knowledge and views of stakeholders.
•It should use the best available
information, supplemented by further
enquiry as necessary.
Source : ISO 31000
Step 7 Risk Treatment
•The purpose of risk treatment is to
select and implement options for
addressing risk.
•Risk treatment involves an iterative
process of:
• formulating and selecting risk treatment
options;
• planning and implementing risk treatment;
• assessing the effectiveness of that
treatment;
• deciding whether the remaining risk is
acceptable;
• if not acceptable, taking further treatment.
Source : ISO 31000
Step 8 Monitor and review Risk Management Process
•The purpose of monitoring and review
is to assure and improve the quality and
effectiveness of process design,
implementation and outcomes.
•Ongoing monitoring and periodic review
of the risk management process and its
outcomes should be a planned part of
the risk management process, with
responsibilities clearly defined.
Source : ISO 31000
Step 9 Recording and reporting outcomes
•The risk management process and its
outcomes should be documented and
reported through appropriate
mechanisms.
•Recording and reporting aims to:
• communicate risk management activities and
outcomes across the organization;
• provide information for decision-making;
• improve risk management activities;
• assist interaction with stakeholders, including
those with responsibility and accountability for
risk management activities.
Source : ISO 31000
ISO 31000 Relationship with other management systems
► Leadership (corporate governance) of an organisation is performed by
top management and high-level personnel of the different departments.
► To direct management and employees towards common objectives and
behaviours, a policy of the organisation is deployed, communicated and
implemented.
► Management systems arrange the organisation's different control
mechanisms.
► Management information systems measure the activities in the organisation
and present the results with quantitative and financial indicators.
► All activities of the organisation must comply with statutory and regulatory
requirements.
Source : ISO 31000
ISO 31000
Connection with Other Management instruments
[Figure: Top Management ("Corporate Governance"), organization's policy, integrated management system, risk management, and management information system (with internal controlling), framed by customer, statutory, regulatory and standardized requirements]
Source : ONR 49000
Risk Management and other related standards
►ISO 31000 : RISK MANAGEMENT GUIDELINES
harmonize risk management processes in existing and future standards,
dealing with specific risks and/or sectors, and does not replace those
standards
►ISO 27001 : INFORMATION SECURITY MANAGEMENT SYSTEM
preservation of confidentiality, integrity and availability of
information
►ISO27001:A.14.1 Information security aspects of business continuity
management
►ISO 22301 : BUSINESS CONTINUITY MANAGEMENT
strategic and tactical capability of the organization to plan for and
respond to incidents and business disruptions in order to continue
business operations at an acceptable pre-defined level
►Also the QMS, EMS, OHSMS and ASSET MANAGEMENT, to name a few in the ISO
series, require risk management
Thank You
•Process Excellence and Resilience...
• Creating Corporate Sustainability

Continuity and Resilience
 
Crisis Communication & BCM in Aviation Sector
Crisis Communication & BCM in Aviation SectorCrisis Communication & BCM in Aviation Sector
Crisis Communication & BCM in Aviation Sector
Continuity and Resilience
 
Effectiveness of Disaster Management Ground Reality and Potential.
Effectiveness of Disaster Management Ground Reality and Potential.Effectiveness of Disaster Management Ground Reality and Potential.
Effectiveness of Disaster Management Ground Reality and Potential.
Continuity and Resilience
 


Implementing a Risk Management System based on the ISO 31000

  • 1. Continuity and Resilience (CORE), ISO 22301 BCM Consulting Firm. © March 2018 Bureau Veritas
    Presentations by speakers at the 7th ME Business & IT Resilience Summit, March 11, 2018 at The Address Hotel, Dubai Mall, Dubai, UAE
    Our Contact Details:
    UAE: Continuity and Resilience. Website: www.coreconsulting.ae. Tel: +971 2 6594006. PO Box: 25722, Abu Dhabi, United Arab Emirates. Email: info@continuityandresilience.com
    INDIA: Continuity and Resilience. Tel: +91 11 41055534 | Direct: +91 11 6467 9380. Email: info@continuityandresilience.com. Website: www.coreconsulting.ae. Level 15, Eros Corporate Towers, Nehru Place, New Delhi – 110019, India
  • 2. IMPLEMENTING RISK MANAGEMENT SYSTEM (Based on ISO 31000: 2018 Risk Management – Guidelines)
  • 3. Managing Risk
    The Challenge!!!
    ► We live in an ever-changing world where we are forced to deal with uncertainty every day.
    Why?
    Organizations of all types and sizes face external and internal factors and influences that make it uncertain whether they will achieve their objectives.
  • 4. Managing Risk
    Success
    What Predicts Success??
    ► How an organization tackles that uncertainty can be a key predictor of its success.
    Source: ISO 31000
  • 5. Why Risk Management?
    Preparing for and responding to negative events, from the predictable to the unforeseen, from the mundane to the catastrophic, has become a fact of life for businesses and governments around the world.
    Tackling these risks requires an integrated and holistic framework with the capability to identify, evaluate and adequately define responses to the circumstances.
    This holistic approach gives organizations a better framework for mitigating risk while advancing their goals and opportunities in the face of business threats.
    Source: ISO 31000
  • 6. Why ISO 31000?
    ► Risk is a necessary part of doing business and in a world where enormous amounts of data are being processed at increasingly rapid rates, identifying and mitigating risks is a challenge for any company.
    ► Many contracts and insurance agreements require solid evidence of good risk management practice.
    ► ISO 31000 provides direction on how companies can integrate risk-based decision making into an organization’s governance, planning, management, reporting, policies, values and culture.
    Source: ISO 31000
  • 7. ISO 31000:2018 Risk management
    ► This provides Guidelines on Managing risk faced by organizations.
    ► The application of these guidelines can be customized to any organization and its context.
    ► This document provides a common approach to managing any type of risk and is not industry or sector specific.
    ► This document can be used throughout the life of the organization and can be applied to any activity, including decision-making at all levels.
    Source: ISO 31000
  • 8. Implementing Risk Management
    ► is iterative and assists organizations in setting strategy, achieving objectives and making informed decisions.
    ► is part of governance and leadership, and is fundamental to how the organization is managed at all levels. It contributes to the improvement of management systems.
    ► is part of all activities associated with an organization and includes interaction with stakeholders.
    ► considers the external and internal context of the organization, including human behaviour and cultural factors.
    ► is based on the principles, framework and process.
    ► These components might already exist in full or in part within the organization, however, they might need to be adapted or improved so that managing risk is efficient, effective and consistent.
    Source: ISO 31000
  • 9. Principles, framework and process
  • 10. Step 1: Define Risk Management Principles
    ► The purpose of risk management is the creation and protection of value.
    ► It improves performance, encourages innovation and supports the achievement of objectives.
    Source: ISO 31000
  • 11. ISO 31000 Principles for risk management
    ► Risk management creates and protects value
      Contributes to the demonstrable achievement of objectives and improvement of performance in, for example, human health and safety, security, legal and regulatory compliance, public acceptance, environmental protection, product quality, project management, efficiency in operations, governance and reputation.
    ► Risk management is an integral part of all organizational processes
      Part of the responsibilities of management and of all organizational processes including strategic planning and project and change management processes.
    ► Risk management is part of decision making
      Helps decision makers make informed choices, prioritize actions and distinguish among alternative courses of action.
    ► Risk management explicitly addresses uncertainty
      Takes account of uncertainty, the nature of that uncertainty, and how it can be addressed.
    Source: ISO 31000
  • 12. Principles for risk management, continued
    ► Risk management is systematic, structured and timely
      A systematic, timely and structured approach contributes to efficiency and to consistent, comparable and reliable results.
    ► Risk management is based on the best available information
      The inputs to the process are based on information sources such as historical data, experience, stakeholder feedback, observation, forecasts and expert judgment.
    ► Risk management is tailored
      It is aligned with the organization's external and internal context and risk profile.
    ► Risk management takes human and cultural factors into account
      Recognizes the capabilities, perceptions and intentions of external and internal people that can facilitate or hinder achievement of the organization's objectives.
    Source: ISO 31000
  • 13. Principles for risk management, continued
    ► Risk management is transparent and inclusive
      Appropriate and timely involvement of stakeholders and, in particular, decision makers at all levels of the organization, ensures that risk management remains relevant and up-to-date. Involvement also allows stakeholders to be properly represented and to have their views taken into account in determining risk criteria.
    ► Risk management is dynamic, iterative and responsive to change
      Risk management continually senses and responds to change. As external and internal events occur, context and knowledge change, monitoring and review of risks take place, new risks emerge, some change, and others disappear.
    ► Risk management facilitates continual improvement of the organization
      Organizations should develop and implement strategies to improve their risk management maturity alongside all other aspects of their organization.
    Source: ISO 31000
  • 14. Step 2: Develop Risk Management Framework
    • The purpose of the risk management framework is to assist the organization in integrating risk management into significant activities and functions.
    • The effectiveness of risk management will depend on its integration into the governance of the organization, including decision-making.
    • This requires support from stakeholders, particularly top management.
    • Framework development encompasses integrating, designing, implementing, evaluating and improving risk management across the organization.
    Components of Framework
    Source: ISO 31000
  • 15. Step 3: Establish Risk Management process
    The risk management process involves the systematic application of policies, procedures and practices to the activities of:
    • Communicating and consulting,
    • Establishing the context and
    • Assessing, treating, monitoring,
    • Reviewing, recording and
    • Reporting risk.
    Source: ISO 31000
  • 16. Establish Risk Management process
    • The risk management process should be an integral part of management and decision-making and integrated into the structure, operations and processes of the organization.
    • It can be applied at strategic, operational, programme or project levels.
    Source: ISO 31000
  • 17. Step 4: Communication and consultation
    Communication and consultation aims to:
    • bring different areas of expertise together for each step of the risk management process;
    • ensure that different views are appropriately considered when defining risk criteria and when evaluating risks;
    • provide sufficient information to facilitate risk oversight and decision-making;
    • build a sense of inclusiveness and ownership among those affected by risk.
    Source: ISO 31000
  • 18. Step 5: Establishing the context
    • The purpose of establishing the scope, the context and criteria is to customize the risk management process, enabling effective risk assessment and appropriate risk treatment.
    • Scope, context and criteria involve defining the scope of the process, and understanding the external and internal context.
    Source: ISO 31000
  • 19. Step 6: Perform Risk assessment
    • Risk assessment is the overall process of risk identification, risk analysis and risk evaluation.
    • Risk assessment should be conducted systematically, iteratively and collaboratively, drawing on the knowledge and views of stakeholders.
    • It should use the best available information, supplemented by further enquiry as necessary.
    Source: ISO 31000
  • 20. Step 7: Risk Treatment
    • The purpose of risk treatment is to select and implement options for addressing risk.
    • Risk treatment involves an iterative process of:
      • formulating and selecting risk treatment options;
      • planning and implementing risk treatment;
      • assessing the effectiveness of that treatment;
      • deciding whether the remaining risk is acceptable;
      • if not acceptable, taking further treatment.
    Source: ISO 31000
  • 21. Step 8: Monitor and review Risk Management Process
    • The purpose of monitoring and review is to assure and improve the quality and effectiveness of process design, implementation and outcomes.
    • Ongoing monitoring and periodic review of the risk management process and its outcomes should be a planned part of the risk management process, with responsibilities clearly defined.
    Source: ISO 31000
  • 22. Step 9: Recording and reporting outcomes
    • The risk management process and its outcomes should be documented and reported through appropriate mechanisms.
    • Recording and reporting aims to:
      • communicate risk management activities and outcomes across the organization;
      • provide information for decision-making;
      • improve risk management activities;
      • assist interaction with stakeholders, including those with responsibility and accountability for risk management activities.
    Source: ISO 31000
  • 23. ISO 31000 Relationship with other management systems
    ► Leadership (corporate governance) of an organisation is performed by top management and high-level personnel of the different departments.
    ► To direct management and employees towards common objectives and behaviours, a policy of the organisation is deployed, communicated and implemented.
    ► Management systems arrange the organisation's different control mechanisms.
    ► Management information systems measure the activities in the organisation and present the results with quantitative and financial indicators.
    ► All activities of the organisation must comply with statutory and regulatory requirements.
    Source: ISO 31000
  • 24. ISO 31000 Connection with Other Management instruments
    [Diagram; labels as they appear on the slide:]
    Top Management “Corporate Governance”
    Integrated management system
    Organization's policy
    Risk management
    Customer, statutory, regulatory and standardized requirements
    Management information system (with internal controlling)
    Source: ONR 49000
  • 25. Risk Management and other related standards
    [Diagram; labels as they appear on the slide:]
    ISO 27001: INFORMATION SECURITY MANAGEMENT SYSTEM
    ISO 22301: BUSINESS CONTINUITY MANAGEMENT
    ISO 31000: RISK MANAGEMENT GUIDELINES
    ISO 27001: A.14.1 Information security aspects of business continuity management
    harmonize risk management processes in existing and future standards, dealing with specific risks and/or sectors, and does not replace those standards
    preservation of confidentiality, integrity and availability of information
    strategic and tactical capability of the organization to plan for and respond to incidents and business disruptions in order to continue business operations at an acceptable pre-defined level
    Also the QMS, EMS, OHSMS, ASSET MANAGEMENT to name a few in ISO series
    Requires Risk Management
  • 26. Thank You
  • 27. Process Excellence and Resilience... Creating Corporate Sustainability
    Continuity and Resilience (CORE), ISO 22301 BCM Consulting Firm
    Presentations by our partners and extended team of industry experts
    UAE: Continuity and Resilience. Website: www.coreconsulting.ae. Tel: +971 2 6594006. PO Box: 25722, Abu Dhabi, United Arab Emirates. Email: info@continuityandresilience.com
    INDIA: Continuity and Resilience. Tel: +91 11 41055534 | Direct: +91 11 6467 9380. Email: info@continuityandresilience.com. Website: www.coreconsulting.ae. Level 15, Eros Corporate Towers, Nehru Place, New Delhi – 110019, India

Editor's Notes

  1. Discuss with the delegates the principles. Describe the connection to policy.
  2. See graphical description on the following slide.