Enterprise Risk - Summer 2016

Page 32

Feature

PRACTICE

Aiming for the pinnacle The industry benchmark principles for risk management are undergoing change. But the challenges of full implementation are likely to remain BY SARA KAMIYA

O

ne of the most widely accepted set of principles and guidelines for implementing risk management in organisations is up for revision. Since its publication in 2009, ISO 31000 has been adopted as a national standard by more than 50 national standards bodies covering over 70 % of the global population, according to the International Organisation for Standardisation which publishes the guidance. That includes UN agencies and national governments, especially in the areas of disaster risk reduction and the management of disaster risk. One of the attractions of ISO 31000 is its flexibility. It builds on a well-known Enterprise Risk Management (ERM) standard published by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) back in 2004 – and provides clarity to the meaning of key risk management terms, approaches and their limitations. “Importantly,” says the IRM’s guide to the standard A structured approach to Enterprise Risk Management, “the guide recognises that risk has both an upside and downside.”

Risk managers need to be able to identify, quantify and communicate the return on investment of an effective enterprise-wide risk management process based on ISO 31000

Why revise? So, why revise it? “A need was expressed by risk practitioners, especially in the G20 economies, for a highlevel document that reflects the way risk is managed in multinational organizations and national governments,”

32

Enterprise Risk


Turn static files into dynamic content formats.

Create a flipbook
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.