8 Principles of Risk Management: Risk Management Basics

Risk Management Basics Image

This is the first article in an ongoing series that will introduce the concepts of risk management. The articles and series will be based on the ISO 31000 standard for risk management (at least the initial articles will) and the discussion about risk management in these articles can be applied in any industry and for any subject–finances, supply-chain management, brand reputation, talent recruitment and retention, market share, occupational safety and health, supply-chain management, and more (this is known as enterprise risk management).

If you’re new to risk and risk management, we hope that the articles in this series will demystify the field to you and show you the opportunities that taking a risk-based approach can offer in a variety of applications.

Please let us know if you have any questions you’d like us to address in future Risk Management Basics articles, and of course do use the comments section if you’d like to chime in with your own knowledge, thoughts, and experiences.

Risk Management Principles: An Introduction

The ISO 31000-2018 standard, Risk Management–Guidelines, lists the following eight principles for any solid risk management program (see 31000-2018, Section 4, Principles):

  1. Integration
  2. Structured and comprehensive
  3. Customized
  4. Inclusive
  5. Dynamic
  6. Uses best available information
  7. Considers human and culture factors
  8. Practices continual improvement

Let’s look at each a little more closely.


Integration

An organization should integrate its risk management efforts into all parts and activities of the organization.

Structured and comprehensive

Creating and following a comprehensive, structured risk management approach leads to the most consistent, desirable risk management outcomes.

Customized

An organization’s risk management approach should be customized to their own needs, including the organization’s objectives and the external and internal context in which the organization operates.

Inclusive

To be most effective, risk management should involve all stakeholders in appropriate and timely ways. This allows the different knowledge sets, views, and perceptions of all stakeholders to be considered and implemented into risk management efforts.

Dynamic

As the organization changes, including its external and internal context, the organization’s risk management program and efforts should change, too. Change is inevitable and successful organizations know how to work with change. A risk management program should help the organization anticipate, identify, acknowledge, and respond to changes in an appropriate and timely way.

Uses best available information

Effective risk management is done by considering information from the past and present as well as anticipating the future. Therefore, (1) the information from the past and present must be as reliable as possible, and (2) risk managers must consider the limitations and uncertainities with that past and present information. All relevant stakeholders should receive necessary information in a timely and clear manner.

Considers human and culture factors

Risk management is a human activity and it takes place within one or more culture (organizational culture, etc.). Risk managers must be aware of the human and culture factors that the risk management effort takes place in and know the influence that human and culture factors will place on the risk management effort.

Practices continual improvement

Through experience and learning, risk managers must strive to continually improve an organization’s risk management efforts.


Where to Learn More About Risk Management

Of course, you can hang tight for the next article(s) in our Risk Management Basic Series, but here are some additional resources for you if you want to kickstart your risk management awareness.

Risk Management Basics Articles

Risk Management Basics: Three Steps of Risk Assessment 

Risk Standards and Organizations

Occupational Safety & Risk Management Related Articles from Convergence Training

Other Risk-Related Articles from Convergence Training


Conclusion: Effective Risk Management Programs Are Built on Strong Foundations & Principles

Stay tune for more Risk Basics articles and let us know all your risk management questions.

Although risk management techniques can be used in any industry and for any subject matter, we DO create a lot of tools for safety, including online EHS training courses and an online incident management system, so we’ve got a free Guide to Using Risk Management for Occupational Safety and Health Management for you below–download it and getting started on your risk-based occupational safety efforts today.

Button

Free Download–Guide to Risk-Based Safety Management

Download this free guide to using risk management for your occupational safety and health management program.

Download Free Guide

Button
Jeffrey Dalto

Jeffrey Dalto

Jeffrey Dalto is an Instructional Designer and the Senior Learning & Development Specialist at Convergence Training. He's worked in training/learning & development for 20 years, in safety and safety training for more than 10, is an OSHA Authorized Outreach Trainer for General Industry OSHA 10 and 30, has completed a General Industry Safety and Health Specialist Certificate from the University of Washington/Pacific Northwest OSHA Education Center, and is a member of the committee creating the upcoming ANSI Z490.2 national standard on online environmental, health, and safety training.

Leave a Reply

Your email address will not be published. Required fields are marked *