Fundamentals of Risk Management
1 Scope
2 Normative references
3 Terms and definitions
4 Context of the organization
5 Leadership
6 Planning
7 Support
8 Operation
9 Performance evaluation
10 Improvement

It is interesting to note that the structure does not explicitly describe framework and process as separate items, in the way that these are presented in ISO 31000. Perhaps this is part of the reason that there are currently (November 2016) no plans to convert ISO 31000 into the Annex SL format. Nevertheless, the Annex SL structure enables organizations developing their own approach to enterprise risk management to devise an approach that is compatible with any other ISO standards implemented in the organization, including the most popular of all ISO standards – ISO 9001 on quality management.

Many of the headings used in Annex SL will be familiar to risk professionals, including Clause 4: Context of the Organization. Clause 4 is intended to identify why the organization exists. As part of answering this question, the organization needs to identify external and internal issues that can impact on its intended outcomes, as well as all stakeholders and their requirements.

Clause 5: Leadership and Clause 7: Support work together and can be considered to be equivalent to the risk architecture, strategy and protocols (RASP) in relation to Clause 5, and the components of embedded risk management as leadership, involvement, learning, accountability and communication (LILAC) in relation to Clause 7.

Clause 6: Planning, Clause 8: Operation, Clause 9: Performance evaluation and Clause 10: Improvement are exactly equivalent to the plan–implement–measure–learn (PIML) approach described in this book. The PIML approach is similar to the plan–do–check–act (PDCA) terminology used by several organizations.
An important aspect of Annex SL is that the planning stage described in Clause 6 sets out two sub-clauses:

● actions to address risks and opportunities;
● management system, objectives and planning to achieve them.

This means that the requirement to plan and implement actions to address risks and opportunities is now embedded into ISO 9001 on quality management and will become embedded into other standards as the Annex SL format is progressively introduced.

The important lesson for risk professionals, as an increasing number of management system standards are migrated into the Annex SL format, is to seek to ensure that the enterprise risk management initiative is fully aligned with the Annex SL approach. This should ensure greater acceptance of an enterprise risk management initiative within the organization.

One further important point to note is that Clause 8: Operation is described as having the bulk of the management system requirement, including the overall process and management that will include adequate criteria to control the processes.