ISO 31000
Risk architecture
The Board
Determine strategic approach to risk and set risk appetite
Establish the structure for risk management
Understand the most significant risks
Manage the organisation in a crisis
Audit Committee
Develop a risk-based internal audit programme
Audit the risk processes across the organisation
Receive and provide assurance on the management of risk
Report on the efficiency and effectiveness of internal controls
Group Risk Management Committee (GRMC)
Assist the company in establishing specialist risk policies
Develop specialist contingency and recovery plans
Keep up to date with developments in the specialist area
Support investigations of incidents and near misses
Business units
Build risk-aware culture within the unit
Agree risk management performance targets
Ensure implementation of risk improvement recommendations
Identify and report changed circumstances / risks
Disclosures Committee
Assist the company in establishing specialist risk policies
Develop specialist contingency and recovery plans
Keep up to date with developments in the specialist area
Support investigations of incidents and near misses
Framework for managing risk
Design
Organisation and its context
Risk management policy
Embedding risk management
Implementation
Implement framework
Risk description
Risk classification systems
Implement RM process
Planning and designing
Benefits of ERM
Embedding risk management
Measuring and monitoring
Risk improvement plans
BCP and DRP
Learning and reporting
Audit plan and risk reviews
Sources of risk assurance
Monitor and review
Risk management process
Risk assessment
Risk identification
Risk analysis
Risk evaluation
Definition
The effect of uncertainty on objectives
Concepts
Objectives
Uncertainty
Effect on uncertainties