GETTING OUR RISK MANAGEMENT RIGHT ON TRACK

One of the biggest mistakes of failure in implementing risk management is taking the risk management framework as it is without considering the organization culture

Risk Management is implemented to pursue opportunities and effectively exploit the limited internal capability instead only managing the adverse affects due to uncertainties. It is important to identify up-front the organization expectation when implementing risk management such as improved decision making process in setting corporate strategy, reduced risk exposure in key areas, improve compliance, enhance efficiency on operations and profitability, etc. Organization that is struggling to effectively implement risk management or have not implemented a formal, proactive, structured risk management framework could use ISO 31000 as a useful guidance. ISO 31000 acknowledge the importance of continually enhance the risk management framework using 5 attributes as follows:

  • Continual Improvement
  • Full Accountability for Risks
  • Application of Risk Management in all Decision Making Processes
  • Continual Communications
  • Full Integration in the Organization’s Governance Structure

 

One of the biggest mistakes of failure in implementing risk management is taking the risk management framework as it is without considering the organization culture. In order to enhance or get the risk management right on track using ISO 31000, here is the suggested “to do list” for smooth transition.

the example of transition process on ISO31000

  • Refine the Benefits/Impact of implementing ERM throughout the organization lead by the Boards and ERM Unit/Project Team and create a measurement process to determine to what extent these objectives will be achieved
  • Review and Update the existing risk management framework and amend the documentation to align with prerequisite elements in ISO 31000. Keep a record of enhancement as evidence of continual improvement.
  • Communicate the key changes to all organization personnel and notify them that the organization now follows an international risk management standard
  • Appoint the key risk owner for risk management ‘refresher’ training in order to encourage the risk owners to undertake a review of their risks and update their risk register

 

 

    One thought on “GETTING OUR RISK MANAGEMENT RIGHT ON TRACK

    1. I have to admit I was hitting my head against the wall for 10 years trying to understand why firms were not really interested in the benefits of ERM. But when I finally figured out that when I was saying ERM, they were hearing compliance and the only benefit of compliance is not having to worry about complying.

    Leave a Reply

    Fill in your details below or click an icon to log in:

    WordPress.com Logo

    You are commenting using your WordPress.com account. Log Out / Change )

    Twitter picture

    You are commenting using your Twitter account. Log Out / Change )

    Facebook photo

    You are commenting using your Facebook account. Log Out / Change )

    Google+ photo

    You are commenting using your Google+ account. Log Out / Change )

    Connecting to %s