ISO 31000 Risk Management
ISO 31000 is the formal recognition of ERM by the international standards organization.
ISO 31000 is a ‘risk management – principle and guideline’ provides a reference framework that organization can use to design, build, implement and audit their ERM.
VISION ISO provide ISO 31000 consulting and implementation support.
– Understanding organization context
– Enterprise risk mapping
– Prioritizing risk
– Risk assessment
– Risk management options
– Risk dashboard
– Control enforcement
– Policy/documentation support
-Coaching chief risk officers
– Coaching teams/employees
– Internal audit and Management review.
The risk management process involves:
This includes an understanding of the current conditions in which the organization operates on an internal, external and risk management context.
This includes the documentation of the material threats to the organization’s achievement of its objectives and the representation of areas that the organization may exploit for competitive advantage.
This includes the calibration and, if possible, creation of probability distributions of outcomes for each material risk.
This includes the aggregation of all risk distributions, reflecting correlations and portfolio effects, and the formulation of the results in terms of impact on the organization’s key performance metrics.
This includes the determination of the contribution of each risk to the aggregate risk profile, and appropriate prioritization.
An evaluation of your current capabilities against the standard.
Monitoring and Reviewing
This includes the continual measurement and monitoring of the risk environment and the performance of the risk management strategies.