BFF5902 Introduction to Risk Principles Lecture 4 – Risk Context and Identification
MONASH BUSINESS SCHOOL

Learning objectives
§ Discuss the benefits of risk management standards
§ Identify the key characteristics of the ISO 31000:2009 Standard
§ Identify and explain the steps in the risk management process
§ Identify and explain methods of risk identification
§ Explain the contents of a risk context statement
§ Identify and discuss key elements of a risk register
§ Explain a risk taxonomy, its design and use in risk communication

Risk Management Standards
§ A number of standards have been developed worldwide to help organisations implement risk management systematically and effectively.
§ These global standards seek to establish a common view on frameworks, processes and practice, and are generally set by recognised international standards bodies or by industry groups.
§ The different standards reflect the different motivations and technical focus of their developers, and are appropriate for different organisations and situations.
§ Standards are normally voluntary, although adherence to a standard may be required by regulators or by contract.

Benefits of a Risk Management Standard
§ Standards provide a number of benefits:
– They generally have been vetted and benchmarked as best practices for decision-making, i.e. tried and tested across many organisations.
– Common definitions, methods and concepts permit the transfer of skills and learning between organisations, i.e. the profession of risk management and disciplined studies in risk management are encouraged.
– They provide a benchmark by which organisations can compare their own maturity against others, i.e. use of benchmarking surveys.
– They provide a stable set of requirements that encourages third parties to develop technological solutions that can be shared across organisations at lower cost, i.e. scalable IT solutions for risk management processes.
– They are a best practice reference against which the Board, the CEO, auditors and other key staff can demonstrate the application of sound risk management principles and thereby discharge their accountabilities.

Commonly used Global Risk Management Standards
– ISO 31000:2009 - Risk Management Principles and Guidelines
– COSO 2004 - Enterprise Risk Management - Integrated Framework
– A Risk Management Standard - IRM/Alarm/AIRMIC 2002 - developed in 2002 by the UK’s 3 main risk organisations.
– ISO/IEC 31010:2009 - Risk Management - Risk Assessment Techniques
– OCEG “Red Book” 2.0: 2009 - a Governance, Risk and Compliance Capability Model

Key characteristics of the ISO 31000:2009 Standard
§ The ISO standard effectively integrates principles and practices considered most effective by many experts and researchers.