ISO 31000 Risk management & ERM - Coggle Diagram
ISO 31000
Risk management & ERM
Overview of Risk Management
Addresses uncertainties
Embedded in operations
Drives strategic decisions
Upside of risk: Better decisions, improved operations
Global Standards
COSO ERM:
Focus on U.S. regulatory requirements
Post-2008 crisis emphasis
ISO 31000: International guidelines (since 2009)
3. Benefits of ERM
Competitive advantages
Financial reporting
Operational efficiency
Reduced capital costs
Strategic decision-making
Enhanced reputation
6. Implementation Framework
Risk Architecture: Roles and responsibilities
Responsibilities
Business Managers: Build culture, improve processes
Employees: Report inefficiencies
CEO/Board: Risk appetite, crisis management
Risk Manager: Policy, risk reports
Internal Audit: Efficiency of controls
Risk Management Policy: Objectives, appetite, architecture, and protocols
Key Concepts and Tools
Risk Types: Strategic, Tactical, Operational
Risk Assessment: Identification, Evaluation, Ranking
Risk Definition: Effect of uncertainty on objectives (ISO Guide 73)
Risk Classification: Financial, Operational, Reputational, etc.
Risk Assessment Tools
Benchmarking risk materiality (e.g., financial impact, disruption)
SWOT, PESTLE, HAZOP
Drivers of Risk
Financial, Infrastructure, Reputational, Marketplace risks
Risk Appetite
Defines acceptable risk at strategic, tactical, and operational levels
Guides performance targets
Measuring and Monitoring
Dynamic management aligned with priorities
Risk registers