New Risk Management Standard – BS 31100:2008
BS 31100 is a new standard for risk management. Recently released by the British Standards Institution, it provides an understanding of how to develop, implement and maintain effective risk management within a business.
Organizations of all types and sizes face a range of risks affecting the achievement of their objectives. While “risk” is normally regarded as negative, risk management is as much about exploiting potential opportunities as preventing potential problems. It is important to bear this in mind whenever managing risk, and in reading this standard. Risk management is an essential part of good management.
Effective risk management helps achieve business objectives by:
- Reducing the likelihood of events that would have a negative impact on your business
- Increasing the likelihood of events that would have a positive impact on your business
- Identifying opportunities where taking risks might benefit your business
- Improving accountability, decision making, transparency and visibility
- Identifying, understanding and managing multiple and cross-organization risks
- Executing change more effectively and efficiently and improving project management
- Providing better understanding of, and compliance with, relevant governance, legal and regulatory requirements, and corporate social responsibility and ethical requirements
- Protecting your revenue and enhancing value for money
- Protecting your reputation and stakeholder confidence
- Proactively managing your organization’s operations
- Controlling expenditure and delivering a cost-optimal control environment
- Retaining and developing customers by being more flexible and responsive to their needs.
BS 31100 provides recommendations for the framework, process and implementation of risk management and should be used for:
- Ensuring that your business achieves its objectives
- Ensuring risks are proactively managed in specific areas or activities
- Overseeing risk management in your company
- Providing assurance on your risk management strategy
- Reporting to stakeholders, e.g. through annual financial statements, corporate governance reports or corporate social responsibility reports
BS 31100 establishes the principles and terminology for risk management. It also gives recommendations for the model, framework, process and implementation of risk management gained from experience and good practice.
For more information on the standard, click here.
BS 31100 is also available for download from IT Governance.
=============================================
For more insights on the issue of risk management as well as how it impacts business continuity, read: A Risk Management Approach to Business Continuity: Aligning Business Continuity with Corporate Governance.





