
Risk Management 101: What is ISO 31000?

12/11/13

ISO 31000 is the international set of standards considered best practice for any organisation designing and implementing an enterprise risk management system. And that includes schools.

Reading the Standard is the first step every school should take before drafting an effective risk management system, which is a requirement of school registration standards across Australia and New Zealand.

ISO 31000, which was introduced in Australia and New Zealand in 2009, outlines the steps for organisations that are either required by law, or voluntarily seek, to implement an effective risk management program.

ISO 31000, which was set by the 164-member-country International Organization for Standardization, defines risk as “the effect of uncertainty on objectives”.

The Standard can be used throughout the life of an organisation and applied to managing risk across a range of activities, from strategy, services, assets, operations and processes to specific practices.

ISO 31000 has 11 principles for an organisation to comply with in its risk management. Under these principles, risk management should:

  • Create and protect value;
  • Be an integral part of all organisational processes;
  • Be part of decision making;
  • Explicitly address uncertainty;
  • Be systematic, structured and timely;
  • Be based on the best available information;
  • Be tailored;
  • Take human and cultural factors into account;
  • Be transparent and inclusive;
  • Be dynamic, iterative and responsive to change; and
  • Facilitate the continual improvement of organisations.

The Standard notes how organisations should assess risk through a process of risk identification (comprehensively identifying every risk, whether or not it is under the control of the organisation), risk analysis and risk evaluation.

ISO 31000 outlines the framework that organisations need to integrate risk management into their overall management system. It requires organisations to ensure their risk management policies and cultures are aligned, and that accountabilities are assigned at the appropriate levels within an organisation.

Aside from ensuring legal and regulatory compliance, ISO 31000 requires organisations to also align their risk management objectives with their overall strategies.

The Standard also outlines how an organisation should establish internal and external communication and reporting mechanisms, and how it should regularly monitor and review its risk management framework.

About the Author

CompliSpace

CompliSpace is Ideagen’s SaaS-enabled solution that helps organisations in highly-regulated industries meet their governance, risk, compliance and policy management obligations.
