BFF5902 Introduction to Risk Principles
Lecture 4 – Risk Context and Identification

Monash Business School
Learning objectives
§ Discuss the benefits of risk management standards
§ Identify the key characteristics of the ISO 31000:2009 Standard
§ Identify and explain the steps in the risk management process
§ Identify and explain methods of risk identification
§ Explain the contents of a risk context statement
§ Identify and discuss key elements of a risk register
§ Explain a risk taxonomy, its design and use in risk communication

Risk Management Standards

§ A number of standards have been developed worldwide to help organisations implement risk management systematically and effectively.
§ These global standards seek to establish a common view on frameworks, processes and practice, and are generally set by recognised international standards bodies or by industry groups.
§ The different standards reflect the different motivations and technical focus of their developers, and are appropriate for different organisations and situations.
§ Standards are normally voluntary, although adherence to a standard may be required by regulators or by contract.

Benefits of a Risk Management Standard

§ Standards provide a number of benefits:
– They generally have been vetted and benchmarked as best practices for decision-making, i.e. tried and tested across many organisations.
– Common definitions, methods and concepts permit the transfer of skills and learning between organisations, i.e. the profession of risk management and disciplined studies in risk management are encouraged.
– They provide a benchmark by which organisations can compare their own maturity against others, i.e. use of benchmarking surveys.
– They provide a stable set of requirements that encourages third parties to develop technological solutions that can be shared across organisations at lower cost, i.e. scalable IT solutions for risk management processes.
– They are a best practice reference against which the Board, the CEO, auditors and other key staff can demonstrate the application of sound risk management principles and thereby discharge their accountabilities.

Commonly used Global Risk Management Standards

– ISO 31000:2009 – Risk Management – Principles and Guidelines
– COSO 2004 – Enterprise Risk Management – Integrated Framework
– A Risk Management Standard – IRM/Alarm/AIRMIC 2002 – developed in 2002 by the UK’s 3 main risk organisations.
– ISO/IEC 31010:2009 – Risk Management – Risk Assessment Techniques
– OCEG “Red Book” 2.0: 2009 – a Governance, Risk and Compliance Capability Model

Key characteristics of the ISO 31000:2009 Standard

§ The ISO standard effectively integrates principles and practices considered most effective by many experts and researchers.

Spring '18