ISO 31000 – 2018 Revision; Redundant or Relevant to Your Organisation?
by Jeff Jones
ISO 31000 was first published in 2009 and revised in 2018, originally being based on the AS4360 process. Throughout the intervening decade risk management has been mandated in government policy, dictated in ASIC principles of good governance, embedded in organisational management systems and referred to in a myriad of industry practices and standards. In essence, risk management has become a house-hold name. With this uptake has unleashed a spirit of risk management endeavour, often as its own entity and in other contexts as a driver of processes and a stand-alone business tool. Maturity assessments for evolving the development and implementation of risk management have abounded. However, despite the uptake and intent, risk management often remains an elusive and utopian mantra, with many organisations struggling to obtain the merit of a risk management framework and principles espoused in the standard. Benefits of risk management are not often captured or reported. Indeed, the very notion and definition of risk is often debated, as is the almost universal implementation of the ubiquitous risk matrix as the sole risk assessment technique. Yet, many of these industry and organisationally imposed approaches are not the intent or mantra of ISO31000. Perhaps the 2018 revision should be looked at with a fresh lens and a subsequent review of your organisations adoption of risk management framework, principles & process.
About the speaker
Jeff Jones is a Certified Practising Risk Manager and Associate Fellow of the Risk Management Institution of Australasia (RMIA). He is Director & Principal Consultant for Project Delivery Assurance, a Queensland based company specialising in enterprise & project risk management and independent reviews. A large part of PDA’s consulting services is in providing strategic direction and practical implementation support to Client’s strategic & operational risk management programs.
Jeff is a Chartered Engineer and has formulated his Risk Management concepts from a broad 30 year operations & project management career across Oil & Gas, Mining and Infrastructure sectors in Client and Contracting organisations, including Esso Australia, Thiess (Australia & Indonesia), and Santos. He has served on the Queensland Chapter Committee of the Engineers Australian Risk Engineering Society (RES) since 2010, and as a member of the RMIA Board Audit & Risk Committee between 2011 and 2013. He currently has a risk advisory role on a finance, audit and risk board committee for a national not-for-profit organisation.