#219 – GETTING THE CONTEXT RIGHT BY IMPROVING ISO STANDARDS – ROBERT POJASEK


ISO ‘Misses the Mark’ on Context

ISO 31000:2009 included several definitions that provide the support for organizations to understand the meaning of context:

Establishing the context (2.9) – defining the external and internal parameters to be considered when managing risk and setting the scope and risk criteria (2.22) for the risk management policy (2.4).

#218 – COMPARING RISK MANAGEMENT FRAMEWORKS – ROBERT POJASEK


In my past two blogs, we have examined the risk-aware culture[i] and the risk management process[ii] as found in ISO 31000:2018 and COSO ERM 2017. This blog will address the third structural element defined by these documents – “risk management framework.” ISO 31000:2018 includes the risk management framework along with the risk-aware culture and the risk management process. COSO ERM 2017 is a risk management framework even though it addresses what ISO 31000:2018 addresses in its three-component risk management standard.

#217 – UNDERSTANDING THE RISK MANAGEMENT ‘PROCESS’ – ROBERT POJASEK


There are two widely-used risk management standards:

  • ISO 31000:2018
  • COSO ERM 2017

In my previous blog[i], I presented details on how these risk management standards address the development of a risk-aware culture – a necessary foundation for risk management success. As promised, this blog will address the risk management “process.” This is how the organization addresses specific risks.

#216 – CREATING A RISK AWARE CULTURE – BOB POJASEK


The two most widely-used risk management system standards are ISO 31000:2018 and COSO ERM:2017.

ISO 31000:2018[i] presents eight ‘principles’ to provide guidance on the characteristics of efficient and effective risk management, communicating its value, and explaining its intention and purpose. These principles are offered as the foundation for managing risk and seek the users’ consideration when establishing the organization’s risk management framework and processes.

#215 – RISK MANAGEMENT STANDARD TASTE TEST – BOB POJASEK


On My Left is COSO ERM:2017! On My Right is ISO 31000:2018!

Many companies are in the process of conducting the risk management taste test. The problem is that many of these companies are not yet sold on risk management. However, stakeholders, institutional investors and the US Securities and Exchange Commission have other ideas.