Risk Management and ISO 31000: A Pocket Guide
- 1h 16m 6s
- Alan Field
- IT Governance
Risk management is a primary concern for any organisation. Its significance has only increased since the start of the COVID-19 pandemic. Organisations need to prepare for all types of threats, both probable (a server breaking down) and improbable (the office being flooded), to ensure that their operations can survive and adapt to continue with BAU (business as usual) in the face of a disaster.
Risk management isn’t solely about preventing negative outcomes, but also about taking a known risk to uncover new opportunities to improve the organisation. For example, the transition of employees to remote working could be a security risk as an employee could connect their laptop to an unsecure Wi-Fi connection. However, as demonstrated during the pandemic, remote working helped protect employees as it reduced the risk of infecting one another.
This pocket guide introduces the premise of RBT (risk-based thinking), exploring the principles outlined in the risk management standard, ISO 31000.
Read this pocket guide to understand how:
- Risk-based management can prepare your organisation against future threats and therefore help the success of a BCP (business continuity plan);
- To identify whether the opportunities gained from a ‘risky’ decision can outweigh the perceived threat;
- The principles of ISO 31000 can help your organisation develop a framework for its approach to risk management;
- The ISO 31000 guidelines can be interwoven with controls in other standards, such as ISO 27001 and ISO 9001; and
- The organisation must continually review its approach to risk management to stay prepared for the latest threats.
Understand the benefits of risk-based management and ISO 31000 with this pocket guide!
About the Author
Alan Field, LL.B (Hons), PgC, MCQI CQP, GIFireE is a Chartered Quality Professional and Member of The Society of Authors.
Alan has particular expertise in auditing and third-party assessing ABMSs (anti-bribery management systems) to ISO 37001 and integrated management systems to ISO 9001 and ISO 14001 requirements. He has many years’ experience with quality and integrated management systems in the legal, financial, property services and project management sectors in auditing, assessment and gap analysis roles.
In this Audiobook
Chapter 1 - What Is Risk?
Chapter 2 - What Is ISO 31000:2018?
Chapter 3 - Before You Read ISO 31000, Read This!
Chapter 4 - Using ISO 31000 to Assist Risk-based Thinking
Chapter 5 - Reading ISO 31000 Within Wider Risk Concepts