ISO 31000 - Coggle Diagram
ISO 31000
RISK MANAGEMENT
RISK ARCHITECTURE
● Statement produced that sets out risk responsibilities & lists the risk-based matters reserved for the board
● Risk aware culture exists within the organisation and actions are in hand to enhance the level of risk maturity
RISK STRATEGY
● Risk management policy produced that describes risk appetite, risk culture and philosophy
● Key dependencies for success identified, together with the matters that should be avoided
● Significant risks faced by the organisation identified, together with the critical controls required
● Risk management action plan established that includes the use of key risk indicators, as appropriate
RISK PROTOCOLS
● Appropriate risk management framework identified and adopted, with modifications as appropriate
● Suitable and sufficient risk assessments completed and the results recorded in an appropriate manner
● Details of required risk responses recorded, together with arrangements to track risk improvement recommendations
● Incident reporting procedures established to facilitate identification of risk trends, together with risk escalation procedures
PLANNING AND DESIGNING
- Plan the scope of the ERM initiative and develop common ● Upside of risk
- Establish the risk management strategy, framework, and ● Risk management policy
MEASURING AND MONITORING
- Ensure cost-effectiveness of existing controls and introduce ● Risk improvement plans
- Embed risk aware culture and align risk management with ● Control environment
LEARNING AND REPORTING
- Monitor and review risk performance indicators to measure ● Audit plan and risk reviews
- Report risk performance in line with legal and other ● Risk reporting