What Is ISO 31000:2018
ISO 31000 is a family of standards related to risk management which is codified by the International Organization for Standardization. The aim of ISO 31000: 2018 is to provide general principles and guidelines regarding risk management. ISO 31000 seeks to provide a universally recognized paradigm for practitioners and companies who use risk management processes to replace the myriad of standards, methodologies, and paradigms that differ between industries, subjects and regions.
ISO 31000 was published as a standard on November 13, 2009, and provides a standard on the application of risk management. Revised and harmonized ISO / IEC 73 Guidelines were published at the same time. The aim of ISO 31000: 2009 is to be applicable and customized for any public, private or community company, association, group or individual. Thus, the general scope of ISO 31000 – as a family of risk management standards – was not developed for a specific industry group, management system or subject area in mind, but rather to provide a best practice structure and guidelines for all operations related to risk management. It started the process for its first revision on 13 May 2015. The draft international standard (DIS), which is open for public comment, was published on 17 February 2017.
The update to ISO 31000 was added in early 2018. The update differs in that ISO 31000: 2018 provides more strategic guidance than ISO 31000: 2009 and places more emphasis on senior management involvement and the integration of risk management into the organization.
Requirements – requirements
- Context Organization
- Leadership
- Planning
- Support
- Operation
- Performance
- Evaluation
- Improvement
Benefits Implementation
Companies will get many benefits by implementing this international standard management system, including :
- Improve efficiency and control of business operations
- Build trust in business risk management from shareholders and other interested parties
- Minimizing losses with a planned and controlled risk analysis
- Improve performance and management systems
- Protect business uncertainty from external and internal changes
Consultation program
1. Gap Analysis
- Review the maturity level of the current management system implemented by the company and to determine gaps with standard requirements
2. Management system creation
- Creating a management system with a system level that aims to facilitate the implementation and understanding of employees in implementing this management system standard
3. Training
- Equip employees with a thorough understanding of a good quality management system so that they can maintain consistency in implementation even though they are no longer accompanied by a consultant
Preparation for consultation
Several things that need to be prepared by the company before the consultation process, namely :
- Forming a committee team for the implementation of the quality management system consisting of representatives from each department
- Collect all documents currently used in managing the company
- Company legality data for registration requirements to the certification body