Risk Management – Protect your business and your customers
A number of standards have been developed worldwide to help organisations implement risk management systematically and effectively. These standards seek to establish a common view on frameworks, processes and practice, and are generally set by recognised international standards bodies or by industry groups. Risk management is a fast-moving discipline and standards are regularly supplemented and updated.
Globally the preferred risk management management system standard is ISO 31000:2009. There are many other industry specific risk management standards such as ISO 14971:2007.
ISO 31000 consists of 11 key principles which view risk management as an elementary process of generating success of the organization. These eleven principles can be regarded as the “essential qualities” required for risk management.
- Principle 1: Risk management creates and protects value
- Principle 2: Risk management is an integral part of the organizational procedure
- Principle 3: Risk management is part of decision making
- Principle 4: Risk management explicitly addresses uncertainty
- Principle 5: Risk management is systematic, structured and timely
- Principle 6: Risk management is based on the best available information
- Principle 7: Risk management is tailored
- Principle 8: Risk management takes human and cultural factors into account
- Principle 9: Risk management is transparent and inclusive
- Principle 10: Risk management is dynamic, iterative and responsive to change
- Principle 11: Risk management facilitates continual improvement and enhancement of the organization
International Certifications offer the following Risk Management certification programs plus many more:
ISO 31000:2009 – Risk management — Principles and guidelines (www.iso.org)
ISO 31000:2009 provides generic guidelines for the design, implementation and maintenance of risk management processes throughout an organization. Risks affecting organizations can have consequences in terms of economic performance and professional reputation, as well as environmental, safety and societal outcomes. Therefore, managing risk effectively helps organizations to perform well in an environment full of uncertainty
ISO 31000:2009 has been developed as a replacement to the existing standard on risk management, AS/NZS 4360:2004. Although ISO 31000:2009 was not been developed with the intention for certification, many organizations still choose to be certified to this standard.
ISO 14971:2007 – Medical devices-application of risk management to medical devices (www.iso.org)
ISO 14971:2007 is an ISO standard for the application of risk management to medical devices. This standard establishes the requirements for risk management to determine the safety of a medical device by the manufacturer during the product life cycle. Such activity is required by higher level regulation and other quality management system standards such as ISO 13485:2003.
Contact us today for an obligation free fixed fee quotation for certification, if you are already certified why not get a second opinion from International Certifications?