Risk Management and ISO 31000 – A pocket guide

Risk management is a primary concern for any organisation. Its significance has only increased since the start of the COVID-19 pandemic. Organisations need to prepare for all types of threats, both probable (a server breaking down) and improbable (the office being flooded), to ensure that their operations can survive and adapt to continue with BAU (business as usual) in the face of a disaster.

Risk management isn’t solely about preventing negative outcomes, but also about taking a known risk to uncover new opportunities to improve the organisation. For example, the transition of employees to remote working could be a security risk as an employee could connect their laptop to an unsecure Wi-Fi connection. However, as demonstrated during the pandemic, remote working helped protect employees as it reduced the risk of infecting one another.

This pocket guide introduces the premise of RBT (risk-based thinking), exploring the principles outlined in the risk management standard, ISO 31000.

Read this pocket guide to understand how:

• Risk-based management can prepare your organisation against future threats and therefore help the success of a BCP (business continuity plan);
• To identify whether the opportunities gained from a ‘risky’ decision can outweigh the perceived threat;
• The principles of ISO 31000 can help your organisation develop a framework for its approach to risk management;
• The ISO 31000 guidelines can be interwoven with controls in other standards, such as ISO 27001 and ISO 9001; and
• The organisation must continually review its approach to risk management to stay prepared for the latest threats.

Understand the benefits of risk-based management and ISO 31000 with this pocket guide!