ISO 31000 – 2009: Risk Management – Principles and Guidelines

Iso 31000 summary 2


Introduction

• RISK: The effect of uncertainty on an organization's objectives.

• RM PRINCIPLES: Principles that must be satisfied for risk management to be effective.

• COMPREHENSIVE FRAMEWORK: Ensures that risk is managed effectively, efficiently and coherently across an organization.

• THE CONTEXT: A key feature and the starting point of the RM process. "The context" comprises the internal context and the external context.

(Figure: relationship between the RM principles, framework and process.)

RM Principles and Guidelines: 1. Scope

• Can be used by any public, private or community enterprise, association, group or individual.

• Can be applied throughout the life of an organization, and to a wide range of activities, including strategies and decisions, operations, processes, functions, projects, products, services and assets.

• Not intended to promote uniformity of RM across organizations; the design and implementation of RM plans and frameworks will need to take into account the varying contexts.

RM Principles and Guidelines: 3. Principles

For RM to be effective, an organization should at all levels comply with the principles:

1. RM creates and protects value.

2. RM is an integral part of all organizational processes.

3. RM is part of decision making.

4. RM explicitly addresses uncertainty.

5. RM is systematic, structured and timely.

6. RM is based on the best available information.

7. RM is tailored.

8. RM takes human and cultural factors into account.

9. RM is transparent and inclusive.

10. RM is dynamic, iterative and responsive to change.

11. RM facilitates continual improvement of the organization.

RM Principles and Guidelines: 4. Framework

(Figure: the RM framework, positioned between the RM principles and the RM process.)

The framework for managing risk consists of:

• Mandate and commitment

• Design of the framework for managing risk:
  - Understanding the organization and its context
  - Establishing risk management policy
  - Accountability
  - Integration into organizational processes
  - Resources
  - Establishing internal and external communication and reporting mechanisms

• Implementing RM:
  - Implementing the framework for managing risk
  - Implementing the RM process

• Monitoring and review of the framework

• Continual improvement of the framework

Risk Management Process

(Figure: the RM process, with communication and consultation, and monitoring and review, running alongside every step.)

• Communication and consultation

• Establishing the context

• Risk assessment:
  - Risk identification
  - Risk analysis
  - Risk evaluation

• Risk treatment

• Monitoring and review

RM Principles and Guidelines: 5. Best Practice (Deloitte & Touche LLP)

(Figure: risk assessment flow diagram.)

• Identify risks

• Develop assessment criteria

• Assess risks

• Assess risk interactions

• Prioritize risks

• Respond to risks

For an in-depth review, see: "Risk Assessment in Practice" by Deloitte & Touche LLP, commissioned by COSO, October 2012.

For further information, contact:

Yulias Caesar Sihombing/BPKP

[email protected]

http://facebook.com/Si.Om.Bing

id.linkedin.com/yulias-sihombing-ak-mak-cia