ISO 31000 needs to address the understanding of the fundamental nature of risk if it hopes to advance the maturity of risk practices in business.

Risk Management is firmly entrenched in a world of re-active modelling and reporting that belies the goals of ISO 31000 and until there is an epiphany in the industry on understanding the nature of risk, it is unlikely that ISO 31000 will achieve anything more than a documentary role in corporate governance and business management.  Risk Management must add value, and this means add Shareholder Value, if it is to be accepted as a part the strategic management of business. Continue reading →