ISO 31000 A new approach of the risk and its management Pr. Gilles Motet Foundation for an Industrial Safety Culture
http://www.icsi-eu.org Protezione del territoro verso l’EXPO 2015 Strategie e buone pratiche Milano – February 19th 2009 1
New ISO standards
September 2009: Guide 73 « Risk management – Vocabulary » (revision) ISO 31000 « Risk management – Principles and guidelines » (new)
Various organizations: industries, representatives, NGO, private & public, etc. Various sectors: health & safety, finance, transport, etc. 2
Contents
Risk Risk Management Process Risk Management Framework Risk Management Principles
3
What risk means?
Risk = Hazard (1st definition) Example: Speed Leads to an hazardous event Risk treatment: hazard reduction Why hazard is an issue? Leads to benefits ! (short journey)
4
What risk means?
Risk = Potential harms (2nd definition)
Example: accident
Risk treatment: e.g. protection Why are we using a car? 5
What risk means? Objectives: Arrive at office safely Before 9H AM Listening news to the radio
Objectives
Decision An hazardous event hampers these objectives to be achieved
Time
Risk=effect of uncertainty on achievement of objectives 6
What risk means?
Historical change: Hazard
Potential event
Objective
Technician
Engineer
Manager
Control (technology)
Analyse (Model)
Decide (Decision-making) 7
Contents
Risk Risk Management Process Risk Management Framework Risk Management Principles
8
Risk Management process
Risk is the effect of uncertainty on achievement of objectives Means to achieve objectives Planned Actual
Objectives
Time t0
t1 9
Risk Management process
Risk management = coordinated activities to direct and control an organization with regard to risk Expected result: Objectives
Time t0
t1 10
Risk Management process
Two parallel activities aiming at achieving objectives (current activity) Controlling the effect of uncertainty (risk management) Risk management Current activity
Effects
How to control risk? 11
Risk Management process
Monitoring and review
Identification Analysis Evaluation Residual risks
Treatment
Communication and consultation
Establishing the context
12
Contents
Risk Risk Management Process Risk Management Framework Risk Management Principles
13
Framework
Processes have to be included in the activities, and controlled
by the organization Framework includes: Specification of the top management mandate and commitment Trade-off between various objectives: safety & security Definition of the means to be used by the processes (models, techniques, tools, etc.) Process improvement . . . 14
Framework
Process of the framework: a PDCA Ex. Assessment of techniques efficiency Use of new techniques
15
Contents
Risk Risk Management Process Risk Management Framework Risk Management Principles
16
Principles
Framework & process must be steered by principles. Example: “Takes human and cultural factors into account� => Internal context of the organization (framework) Stakeholders (process)
17
Questions ?
“For an Industrial Safety Culture” http://www.icsi-eu.org 18