
TQMC


DISCLAIMER: The material here is a guide only. For authentic and up-to-date information, please contact TQMC.

The DIRECTIVES and STANDARDS listed here may have been subsequently REVISED. You must refer to the CURRENT REVISION and AMENDMENTS, if any.

Sunday, June 7, 2009

ISO/FDIS 31000 Risk Management

ISO/FDIS 31000 

Risk management -- Principles and guidelines

General information

Number of Pages: 24


Edition: 1 (Monolingual)

ICS: 03.100.01

Status: Under development

Stage: 50.20 (2009-05-25)

TC/SC: TMB

Target publication date: 2009-06-30

Abstract

ISO 31000:2009 provides principles and generic guidelines on risk management.

ISO 31000:2009 can be used by any public, private or community enterprise, association, group or individual. Therefore, ISO 31000:2009 is not specific to any industry or sector.

ISO 31000:2009 can be applied throughout the life of an organization, and to a wide range of activities, including strategies and decisions, operations, processes, functions, projects, products, services and assets.

ISO 31000:2009 can be applied to any type of risk, whatever its nature, whether having positive or negative consequences.

Although ISO 31000:2009 provides generic guidelines, it is not intended to promote uniformity of risk management across organizations. The design and implementation of risk management plans and frameworks will need to take into account the varying needs of a specific organization, its particular objectives, context, structure, operations, processes, functions, projects, products, services, or assets and specific practices employed.

It is intended that ISO 31000:2009 be utilized to harmonize risk management processes in existing and future standards. It provides a common approach in support of standards dealing with specific risks and/or sectors, and does not replace those standards.

ISO 31000:2009 is not intended for the purpose of certification.








Risk management

From Wikipedia, the free encyclopedia

Example of risk management: NASA's illustration showing high impact risk areas for the International Space Station.

Risk management is the identification, assessment, and prioritization of risks, followed by coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events.[1] Risks can come from uncertainty in financial markets, project failures, legal liabilities, credit risk, accidents, natural causes and disasters, as well as deliberate attacks from an adversary. Several risk management standards have been developed including the Project Management Institute, the National Institute of Science and Technology, actuarial societies, and ISO standards.[2][3] Methods, definitions and goals vary widely according to whether the risk management method is in the context of project management, security, engineering, industrial processes, financial portfolios, actuarial assessments, or public health and safety.

For the most part, these methodologies consist of the following elements, performed, more or less, in the following order.

  1. identify, characterize, and assess threats
  2. assess the vulnerability of critical assets to specific threats
  3. determine the risk (i.e. the expected consequences of specific types of attacks on specific assets)
  4. identify ways to reduce those risks
  5. prioritize risk reduction measures based on a strategy

The strategies to manage risk include transferring the risk to another party, avoiding the risk, reducing the negative effect of the risk, and accepting some or all of the consequences of a particular risk.

