The professionalization of risk management: What role can the ISO 31000 risk management principles play?

2016 ◽  
Vol 34 (8) ◽  
pp. 1568-1578 ◽  
Author(s):  
A. Olechowski ◽  
J. Oehmen ◽  
W. Seering ◽  
M. Ben-Daya
Author(s):  
Jovo Lojanica ◽  

All management standards have requirements for different aspects of improvement at the personal level, family level and company level, in business and in life. What about the national level and country level? Is it possible for today’s generations to learn from the history of nations and civilizations? If it is, then let us apply it to the present time and people so as to have fewer problems and difficulties, especially where it is relevant to the field of risk management. The majority of people are occupied by today’s problems. They do not consider past and future challenges. People from each country strive for better quality, a better and cleaner environment, higher safety, etc., historically and today. But can we remember: How did Genghis Khan conquer many regions and how was he defeated? How did the Mayas and Aztecs die out? How were Native Americans in North America drastically reduced in numbers? How did the Roman Empire vanish? How was the Ottoman Empire established and how did it vanish? How many people were killed in the wars of the 20th century? In all these catastrophic changes, risks were not considered in an adequate way. The requirements of ISO 31000:2009, Risk management: Principles and guidelines, are very consultative. They could be used at the country, national, regional, continental and intercontinental levels.


2017 ◽  
Vol 25 (3) ◽  
pp. 274-295 ◽  
Author(s):  
Erastus Karanja

Purpose: There are two main industry-sanctioned enterprise risk management (ERM) models, that is, COSO 2004 and ISO 31000:2009, that firms refer to when implementing ERM programs. Taken together, the two ERM models specify that firms should implement ERM programs to meet a strategic need, improve operations and reporting or to comply with government regulations or industry best practices. In addition, the focus of ERM implementation should be either the subsidiary, business unit, division, firm/entity or global level. The purpose of this study is to investigate whether firms are aligning their ERM implementations with these tenets: strategy, operations, reporting, compliance and the level of implementation. Design/methodology/approach: The proxy for ERM implementation is the hiring of a Chief Risk Officer (CRO). The research data come from a sample of 122 US firms that issued a press release following the hiring of a CRO between 2010 and 2014. The press releases were retrieved and aggregated through content analysis in LexisNexis Academic. Findings: The results reveal that many ERM implementations are occurring at the firm/entity level, and with the exception of reporting, firms consider ERM to be a strategic firm resource capable of improving business operations and compliance initiatives. Originality/value: There is a dearth of research studies specifically investigating whether ERM programs adopted by firms are aligned with the specification of COSO 2004 and ISO 31000:2009 frameworks. The apparent lack of a clear understanding of the alignment between the firm ERM programs and the industry’s ERM frameworks may limit the development and implementation of ERM and the eventual realization of the benefits associated with a successful ERM implementation.


2021 ◽  
Vol 3 (1) ◽  
pp. 41-53
Author(s):  
Yuriy Voskanyan ◽  
Irina Shikina ◽  
Fedor Kidalov ◽  
David Davidov ◽  
Tatiana Abrosimova

The paper discusses the main components of the modern system of risk management in medicine. Using the ISO 31000 standard of risk management and the ARIS integrated modeling environment, the authors have built a model of the risk management process in a medical organization, including the accounting subsystem, the risk analysis subsystem, and the risk processing subsystem. The concept of risk management proposed in the article is formulated on the basis of a system safety model, which assumes that adverse events related to the provision of medical care are based on systemic causes that under certain conditions turn into a hazard, and the latter is used to receive active threats and incidents. The risk management system is an executive block of the safety management system in a medical organization, which includes (in addition to risk management) an ideological block (a new safety culture) and an educational block (an organizational learning subsystem).


Author(s):  
Olena Tsvirko ◽  
Denys Krylov

The article considers the concept of "risk in railway transport" and identifies the types of risks that exist in the railway transport of Ukraine; it determines that the processes of transformation of economic relations in Ukraine require the deepening of theoretical and practical developments in risk management in the field of railway transport; the risk management process according to the ISO 31000:2018 standard is given; in accordance with the implemented Strategy and Policy of JSC "Ukrzaliznytsia", the main tasks of the risk management system are defined and the risk map of JSC "Ukrzaliznytsia" is developed. The results of the structural reform of railway transport were insufficient to create effective sources of development in the short term, which will ensure large-scale attraction of funds for the development of the industry and its modernization. The many types of risks that need to be assessed, as well as the different purposes of assessing the same type of risk (for the purposes of state supervision and for company purposes), present JSC "Ukrzaliznytsia" with a real challenge in terms of building risk assessment models. The task of applying the method of assessing a specific type of risk is significantly different from the task of building a methodology for assessing the risks of a large company. In solving this problem, it is important to keep in mind that a method successfully applied in one area may be completely ineffective in another.
Risk classification of JSC "Ukrzaliznytsia" should be carried out taking into account the existing management structure, as well as the tasks to be solved at each level of management; the effect of the risk management system should be synergistic, each element of each level of management should be effective: from the structural unit at the linear level to the department of the corporate level of management. Currently, for the company's internal purposes, several dozen risks have been formulated related to various areas of life of JSC UZ: from financial activities to locomotive maintenance and innovative development.


2018 ◽  
Vol 2 (1) ◽  
pp. 12-21
Author(s):  
Fransisca Tiarawati Riadi ◽  
Augie David Manuputty ◽  
Alhadi Saputra

The importance of using Information Technology (IT) cannot be separated from the risks that may occur. Organizational unit XYZ has implemented information security risk management using the ISO 31000:2009 standard to minimize these risks. Information security risk management is applied so that organizational unit XYZ can determine whether the risk optimization it manages is running well and having a significant impact. Organizational unit XYZ therefore needs to carry out an evaluation to determine its capability level in ensuring the risk optimization that the organizational unit has carried out for IT services. The COBIT 5 framework is used to evaluate information security risk management by measuring the capability level, focusing on the EDM03 (Ensure Risk Optimisation) subdomain. The results of this study show that the EDM03 subdomain has a capability level of level 1, performed process, in the largely achieved category, with a score of 78.29%. At this level, the process implemented by the organization achieves its process purpose. The benefit of this study for organizational unit XYZ is that it can help information security risk management and the implementers of the ISO 31000 framework reach an optimal value in supporting ICT services at Institution ABC.


2019 ◽  
Vol 10 (1) ◽  
pp. 16-30
Author(s):  
Adam Aruldewan S.Muthuveeran ◽  
Osman Mohd Tahir ◽  
Roziya Ibrahim ◽  
Saipol Bari Abd Karim ◽  
Elly Widiyanty Rasidin

Author(s):  
Pablo Zahera ◽  
Vicente Gonzalez-Prida

The main objective of this chapter is to suggest a methodology for the application of ISO 55000 for a water utility in order to obtain all the benefits of asset management from the starting point of application. In addition, risk is an important part of this methodology, so it also complies with the clauses of ISO 31000. The methodology consists of six steps to be carried out: plan (1), implement (2), risk management (3), monitor (4), analyze (5) and make decisions and improvements (6). The application of this methodology is an iterative process in which the information obtained is going to be used in the previous and subsequent steps so that its benefits are greater as time goes by. At each point in the guide, the actions to be taken in compliance with the clauses and sub-clauses of ISO 55001 will be proposed along with some documents so that companies have a clearer idea of how to proceed.


2019 ◽  
Vol 276 ◽  
pp. 02014
Author(s):  
Nevila Rodhi Nova ◽  
I Putu Artama Wiguna ◽  
Anwar Nadjadji

Risk management has been widely studied and applied in oil and gas pipeline projects, but in reality the impacts still occur. This is due to the ineffectiveness of existing risk management applications, so an effective risk management system is needed, one in which risk management pays attention to all aspects, both internal and external, as well as other aspects that can affect and be influenced by existing risks, and in which risk management is not only used as a preventive method but can also support sustainable development targets. This paper presents the application of risk management by oil and gas companies in Indonesia that has been adapted to ISO 31000:2009 as a framework that can integrate various other management processes, including the management of HSE (Health, Safety, and Environment) risk, in the hope that sustainable development can be achieved. In reality, however, it cannot be denied that the activities that continue to this day still cause negative impacts, especially for the environment. International oil and gas companies nowadays place more emphasis on preventive measures than on methods of mitigation. This shows that the concept of sustainable development has not been fully considered in risk management applications. The existence of a continuous negative impact would greatly affect the credibility of oil and gas companies. Based on the results of research conducted with the hybrid method and analyzed with the help of System Dynamics, it can be concluded that there are 3 (three) factors that can affect reputation risk: social, environmental, and economic. The model built in this study shows that it can help oil and gas company players to predict and improve the company’s reputation.

