Strategic Risk-Management Framework

Patrick McConnell

This chapter covers the topic of developing a risk-management framework for managing strategic risks, in particular concentrating on the most up-to-date international standard created by the International Standards Organisation (ISO). After discussing the new ISO 31000 standard, the chapter describes its recommended risk-management framework, concentrating on the governance at board level and the organisation of strategic risk management activities.

ISO 31000 RISK-MANAGEMENT STANDARD

There are a number of so-called risk-management frameworks (RMFs) that have been created by industry bodies for specific purposes, such as the “Practice Standard for Project Risk Management” (PRM).[1] There are also a number of generic RMFs that are not industry- or discipline-specific, most notably COSO[2] and OCEG.[3]

[1] Developed by the Project Management Institute (PMI 2009), which also develops the widely used Project Management – Body of Knowledge (PMBOK). See http://www.pmi.org/.

[2] The COSO framework was developed by the Committee of Sponsoring Organizations of the Treadway Commission (COSO), a privately funded body of peak US accounting and auditing organisations (see COSO 2004).

[3] The nonprofit think
