This is the second part of the ISO 31000 guidance model for ‘Risk’. The section called ‘Framework’ follows the ‘Principles’ outlined in the last post and sheds more light on the need for a methodical approach to ‘Risk’.
The ‘Framework’ is centred around Leadership and Commitment.
This is no surprise and adds another dimension to the Leadership role required by ISO 9001 (and others) Clause 5. The details are in ISO 31000 – here’s a bird’s eye view of what you’ll find there:
- Integration – weave risk-based thinking into the fabric. Make sure it’s not something ‘extra’. It needs to be part of everyone’s thinking patterns.
- Design – use a cross-functional team to get the best results and the best survey of ‘risk’ and where it’s hiding.
- Implementation – Leaders need to know what is needed in all areas of the organization. Areas that are managing risk well need to get credit for that and not be forced to undo what they’ve already done.
- Evaluation – Top Management needs to understand how well risk is being managed and relate it to the strategic direction of your organization.
- Improvement – just like ‘rust’, risk never sleeps.
That’s the ‘Framework’ section from ISO 31000. There will be more detail about ‘Process’ in the next post. These ideas will help you get started on your risk management journey, but be sure to get a copy of ISO 31000 if you want more guidance for your activities. All of your efforts will pay you a surprising return on your investment!
Know Quality, Know Profits…No Quality, No Profits
If you’d like to see how we’ve designed our platform to help manage risk, schedule a demo and we’ll see if it can make your ‘ISO life’ simpler and safer!