Threat information was systematized in 1995 in the first national Australian and New Zealand risk management standard, known as AS/NZS 4360:1995. It was based on the research and practice of Robert Morris, Russell Gallagher, Douglas Barrow, Joseph Kenneth Arrow, and others.
The next one, AS/NZS 4360:2004 “Risk management”, contains general recommendations on risk management. Based on them, the management of state, private, and public institutions, as well as groups and individuals, can plan, make decisions, and see growth points and threats. This approach also allows information to be collected in changing situations that lack certainty.
The International Organization for Standardization (ISO) has developed a unified terminology in ISO/IEC Guide 73 “Risk Management — Vocabulary” and general guidelines in the field of risk management in ISO 31000:2009 “Risk management — Principles and guidelines”.
The end of the last century was marked by the development of standardization in the area of interest to us at the international, national and industry levels. At that time, the following standards appeared: the Committee of Sponsoring Organizations of the Treadway Commission (COSO, USA); the Federation of European Risk Managers Associations (FERMA); the risk management standard ISO 31000:2009. In addition, national documents were created in countries with Anglo-Saxon law: Japan, New Zealand, Australia, Canada, Great Britain, etc.
Risk Management Standards
Among international standards in the field of risk management, the key one is considered to be the ISO 31000 series of documents. This group includes:
ISO 31000:2009 “Risk management — Principles and guidelines” and the identical GOST R ISO 31000–2010 “Risk management. Principles and guidelines”;
ISO/IEC 31010:2009 “Risk management — Risk assessment techniques”, as well as its analogue GOST R ISO/IEC 31010:2009 “Risk management. Risk assessment techniques”;
ISO Guide 73:2009 “Risk management — Vocabulary — Guidelines for use in standards” or GOST R ISO 73:2009 “Risk management. Vocabulary. Guidelines for use in standards”.
The development of these documents was carried out by the working group on risk management of the ISO Technical Management Bureau (TMB). The task of the specialists was to form a general guide, a unified understanding and terminology of this area. They were also supposed to provide recommendations on the selection and application of approaches to risk assessment.
Companies listed on the New York Stock Exchange are required to comply with the European COSO standards, while FERMA and ISO 31000 may be followed at the discretion of management.
COSO ERM is a risk management framework that helps firms relate strategic objectives, organizational structure, and eight key components of the threat management process. This document provides guidance on developing and implementing integrated control activities.
COSO is large in scope and complex to use, which is why some companies rely on FERMA, with the core elements supplemented by COSO ERM.
The international standard ISO 31000 is universal and is currently being updated. The revised version is expected to be relatively short, and the risk management processes will become more consistent and understandable.