Enterprise Risk Management

  • 1.  RE:ISO 31000:2009

    Posted 01-21-2010 10:31 AM
    Linda,

    ISO 31000:2009 is a worthwhile document and standard.  It is close to the AUS/NZ 4360 risk management standard, which I previously used as a base to develop risk management programs.  We are now using ISO 31000 as the foundation for our supply chain risk management program.  The standard provides a pragmatic, practical approach to risk management.

    It would be worthwhile to also obtain the companion documents ISO Guide 73:2009 Risk management vocabulary, and IEC/ISO 31010:2009 Risk management - risk assessment techniques.

    Recognize that the standard is only a framework for risk management.  Each company must tailor the details of a risk management program to meet the company's business environment, organizational structure and culture.

    -------------------------------------------
    John Brown
    Director, Risk Management, Supply Chain Development
    The Coca-Cola Company
    Atlanta GA
    United States
    jbrown3@na.ko.com
    -------------------------------------------