
Risk Management and ISO 31000: A pocket guide
Ebook, 59 pages (about 1 hour)

About this ebook

Risk management is a primary concern for any organisation, and its significance has only increased since the start of the COVID-19 pandemic. Organisations need to prepare for all types of threats, both probable (a server breaking down) and improbable (the office being flooded), so that their operations can survive a disaster, adapt, and continue with BAU (business as usual).

Yet risk management isn't solely about preventing negative outcomes; it is also about an organisation knowingly taking a risk to uncover new opportunities to improve itself. For example, moving employees to remote working could weaken an organisation's security, because an employee could connect their laptop to an unsecured Wi-Fi network. However, as the pandemic demonstrated, remote working also protected employees by reducing the risk of infecting one another with COVID-19.

Read this pocket guide to understand how:

  • Risk-based management can prepare your organisation for future threats and therefore help the success of a BCP (business continuity plan);
  • To identify whether the opportunities gained from a ‘risky’ decision can outweigh the perceived threat;
  • The principles of ISO 31000 can help your organisation develop a framework for its approach to risk management;
  • The guidelines of ISO 31000 can be interwoven with controls in other standards such as ISO 27001 and ISO 9001; and
  • Why the organisation must continually review its approach to risk management to stay prepared for the latest threats.

Language: English
Publisher: itgovernance
Release date: Mar 14, 2023
ISBN: 9781787784178
Author

Alan Field

Alan Field, LL.B (Hons), PgC, MCQI CQP, MIIRSM, AIEMA, GIFireE, GradIOSH is a Chartered Quality Professional, an IRCA Registered Lead Auditor and a Member of The Society of Authors. Alan has particular expertise in auditing and third-party assessment of Anti-bribery Management Systems (ABMS) against BS 10500 and of counter-fraud systems in the public sector against ISO 9001 requirements. Alan has many years' experience with Quality and Integrated Management Systems in the legal, financial, property services and project management sectors, in auditing, assessment and gap analysis roles.


    Book preview

    Risk Management and ISO 31000 - Alan Field

    INTRODUCTION

    This pocket guide isn't written for experts on risk management or, necessarily, for experts on management systems. It does, however, assume that risk management matters to all organisations, big and small, and recognises that not having a formal process to identify, assess and control risk can lead to many issues, including difficulties in implementing management systems based on ISO standards. The ISO 9000 family of standards is process based, and this pocket guide will focus on how this broad approach works in a wider arena than a process focus would normally involve.

    The absence of a risk-based approach to management might also lead to opportunities being missed or simply not being exploited to their full potential. Risk management is not just about managing negative or catastrophic events; deciding between competing research and development possibilities is one example of a positive use. A risk-based approach to management may reduce unnecessary expense or divert resources to better controls. For example, ISO 27002 assigns 'attributes' to its controls (control type, information security properties, cybersecurity concepts, operational capabilities and security domains), helping the risk assessor to make more informed decisions about which controls might best respond to a given risk.

    To achieve all of this effectively, we may require a management system that understands risks and opportunities strategically, in terms of leadership priorities. It might be tempting to treat these requirements as something tactical or operational, but the leadership's attitude towards risk, and its priorities for dealing with risks, will always shape how the organisation operates.

    This pocket guide is intended to be of interest to those whose experience of risk or management systems has always been very sector based. A life spent looking at financial or governance risk could be surprisingly helpful in understanding how different policies and approaches to risk can be developed.

    Annex SL is the common structure adopted by ISO management system standards such as ISO 9001 and ISO 27001. Its purpose is to provide a platform for these and other ISO risk-based management system requirements, so that an organisation of any size can build better systems across multiple standards using a common format of clauses and goals. Even if you never intend to implement something like ISO 27001, reading Annex SL is like reading the UK's HSG65 for health and safety management systems: it contains much food for thought.

    This pocket guide will often use the terms ‘strategic’ and ‘tactical’, and this will mean different things to different organisations. Annex SL assumes that top management and the wider leadership team take a key part in risk policy and decision making, and this is always useful to be aware of when considering the points made in this pocket guide.

    The main focus of this pocket guide will be ISO's Annex SL (sometimes referred to as Annex L) and how it requires a risk-based approach to management to be adopted by ISO management system standards, e.g. ISO 9001:2015 and ISO 27001:2022. Although risk is referred to regularly in these standards, there isn't much practical definition of what risks and opportunities actually mean in practice to an individual organisation; as we will see, one advantage of ISO 31000 is that it can inspire the creation of an infrastructure for defining a risk universe.

    This pocket guide will also discuss how risk can be defined within a management system, i.e. what isn’t written in international standards about defining risk and the implications of a risk-based approach to management.

    This approach means our focus will be on risk management
