131134073-iso-31000.pdf
TRANSCRIPT
-
7/22/2019 131134073-ISO-31000.pdf
1/37
ISO 31000: The challenges of implementing
a new approach
Professor Martin Loosemore FRICS, FCIOB
-
7/22/2019 131134073-ISO-31000.pdf
2/37
WHY ARE WE HERE?
High risk (and opportunity) environment- large, high-value, innovative projects with long risk exposure.
Surge in risk-related legislation.
Pre-qualification requiring a demonstrable capability in risk
management.
Corporate responsibility and citizenship evolving fast.
Rapid growth (skills shortages and capacity problems).
Customer base changing.
Penalties for non-compliance becoming increasingly severe.
Risk and opportunity management is ourcore business
Working overseas (culture, pressures, everything is new)
Protect and enhance ourreputation
-
7/22/2019 131134073-ISO-31000.pdf
3/37
COMPETITIVE ADVANTAGE
57% Regularly declined tenders due to a lack of
confidence in managing high risks OR added too largecontingency and lost the job as a result.
59% Companies did not review risks on a regular
basis.
38% Directors were not confident in their risk
management systems.
-
7/22/2019 131134073-ISO-31000.pdf
4/37
22 COMMON PROBLEMS
1. COMPLIANCE RATHER THAN BEST PRACTICE.
CSA 1997 BS6079-3 (2000) IRGC 2004 COSO (2004) AS/NZS4360 (2004) ISO 31000 (2008)
1. Initiation
2. Preliminary
analysis
3. Estimation
4. Evaluation
5. Control
6. Action/monitor
7. Communicate
1. Context
2. Identification
3. Analysis
4. Evaluation
5. Treatment
6. Communicate
7. Review/update
1. Pre-assessment
2. Appraisal
3. Tolerability and
acceptability
judgement
4. Risk management
5. Communicate
1. Environment
2. Objectives
3. Identification
4. Assessment
5. Response
6. Control
7. Communicate
8. Monitoring
1. Context
2. Identification
3. Analysis
4. Evaluation
5. Treatment
6. Communicate/
consult
7. Monitor/review
1. Mandate/
commitment
2. Context
3. Identification
4. Analysis
5. Evaluation
6. Treatment
7. Communicate/
8. consult
9. Monitor/review
Key : CSA Canadian Standards Association; IRGC International Risk Governance Council; COSO Committee of Sponsoring
Organizations; ISO International Standards Organisation; AS/NZ Standards Australia and Standards New Zealand;
BS British Standards
-
7/22/2019 131134073-ISO-31000.pdf
5/37
2. HUNGER FOR PROFIT WITHOUT A RISK APPETITE.
3. FROM THE BOTTOM RATHER THAN THE TOP.
4. CRISIS MANAGEMENT RATHER THAN RISK MANAGEMENT.
22 COMMON PROBLEMS
-
7/22/2019 131134073-ISO-31000.pdf
6/37
5. RISK TRANSFER RATHER THAN RISK MANAGEMENT.
6. SELFISH RATHER THAN COOPERATIVE.
7. INCESTUOUS RATHER THAN CONSULTATIVE.
8. NEGATIVE RATHER THAN POSITIVE.
22 COMMON PROBLEMS
-
7/22/2019 131134073-ISO-31000.pdf
7/37
Likelihood
Consequence
Insignificant Minor Moderate Major Catastrophic
Almost certain L M H H E
Very likely L M M H E
Likely L L M H E
Unlikely L L M H H
Rare L L M H H
E = Extreme, H = High, M = Medium, L = Low
22 COMMON PROBLEMS
-
7/22/2019 131134073-ISO-31000.pdf
8/37
10. UNSYSTEMATIC RATHER THAN CONSISTENT.
9. PROJECT-BASED RATHER THAN PORTFOLIO-BASED.
11. SILO MENTALITY.
12. BUCK-PASSING RATHER THAN TAKE RESPONSIBILITY.
22 COMMON PROBLEMS
-
7/22/2019 131134073-ISO-31000.pdf
9/37
13. COMPLEX RATHER THAN SIMPLE.
14. CENTRALISED RATHER THAN DECENTRALISED.
15. PERIODIC RATHER THAN CONTINUOUS.
16. COMMERCIAL RISKS RATHER THAN OPERATIONAL
RISKS.
22 COMMON PROBLEMS
-
7/22/2019 131134073-ISO-31000.pdf
10/37
17. QUANTITATIVE RATHER THAN QUALITATIVE.
18. ANALYSIS RATHER THAN IDENTIFICATION.
19. PERIPHERAL RATHER THAN CORE ACTIVITY.
20. ONE DIMENSIONAL RATHER THAN 3 D.
22 COMMON PROBLEMS
-
7/22/2019 131134073-ISO-31000.pdf
11/37
21. PAPER-BASED RATHER THAN MULTIMEDIA.
22. TECHNOLOGY RATHER THAN PEOPLE.
22 COMMON PROBLEMS
http://images.google.co.uk/imgres?imgurl=http://www.contractservicing.com/images/paperwork.jpg&imgrefurl=http://www.contractservicing.com/default.asp%3Fsvc%3Doutsourcing_main.htm&h=753&w=1141&sz=72&hl=en&start=3&tbnid=fEjnTAFIQXPYPM:&tbnh=99&tbnw=150&prev=/images%3Fq%3Dpaperwork%26gbv%3D2%26svnum%3D10%26hl%3Denhttp://images.google.co.uk/imgres?imgurl=http://www.contractservicing.com/images/paperwork.jpg&imgrefurl=http://www.contractservicing.com/default.asp%3Fsvc%3Doutsourcing_main.htm&h=753&w=1141&sz=72&hl=en&start=3&tbnid=fEjnTAFIQXPYPM:&tbnh=99&tbnw=150&prev=/images%3Fq%3Dpaperwork%26gbv%3D2%26svnum%3D10%26hl%3Denhttp://images.google.co.uk/imgres?imgurl=http://www.contractservicing.com/images/paperwork.jpg&imgrefurl=http://www.contractservicing.com/default.asp%3Fsvc%3Doutsourcing_main.htm&h=753&w=1141&sz=72&hl=en&start=3&tbnid=fEjnTAFIQXPYPM:&tbnh=99&tbnw=150&prev=/images%3Fq%3Dpaperwork%26gbv%3D2%26svnum%3D10%26hl%3Denhttp://images.google.co.uk/imgres?imgurl=http://www.contractservicing.com/images/paperwork.jpg&imgrefurl=http://www.contractservicing.com/default.asp%3Fsvc%3Doutsourcing_main.htm&h=753&w=1141&sz=72&hl=en&start=3&tbnid=fEjnTAFIQXPYPM:&tbnh=99&tbnw=150&prev=/images%3Fq%3Dpaperwork%26gbv%3D2%26svnum%3D10%26hl%3Den -
7/22/2019 131134073-ISO-31000.pdf
12/37
Awareness
Confidence Image
Processes
Application Skills
CultureResources
RMMT - www.synergymcg.com
RISK MANAGEMENT MATURITY
-
7/22/2019 131134073-ISO-31000.pdf
13/37
Riskm
anagementmaturity
Time
Hardware
phase
Systems
phase
People
phase
Ignorance
phase
RISK MANAGEMENT MATURITY
Corporate social
responsibility
-
7/22/2019 131134073-ISO-31000.pdf
14/37
STEP ONE
-
7/22/2019 131134073-ISO-31000.pdf
15/37
STEP ONE
UNDERSTAND WHY YOU WANT
A NEW APPROACH
FOR MULTIPLEX?
-
7/22/2019 131134073-ISO-31000.pdf
16/37
FOR MULTIPLEX?
Very big risky projects one problem can wipe
out margins or company.
New legislation was requiring it
Pre-qualification requiring a demonstrable
capability in risk management.
Rapid growth was stretching existing systems.
Customers becoming more risk averse.
Risk and opportunity was seen as essential to protectand enhance reputation.
End of supply chain and being passed a lot of risk.
STEP TWO
-
7/22/2019 131134073-ISO-31000.pdf
17/37
STEP TWO
UNDERSTAND YOUR
PHILOSOPHY AND MATURITY
FOR MULTIPLEX: A NEW WAY TO MANAGE
-
7/22/2019 131134073-ISO-31000.pdf
18/37
Breaking down barriers
FOR MULTIPLEX: A NEW WAY TO MANAGE
RISK
Risk portfolios
Benefits of risk/opportunity management
Cost of risk/opportunity management
Pro-activity
Project life cycle
Risk seen as an asset
A NEW WAY TO MANAGE RISK
-
7/22/2019 131134073-ISO-31000.pdf
19/37
Meaningful consultation
Taking responsibility
A NEW WAY TO MANAGE RISK
Simple
S G
-
7/22/2019 131134073-ISO-31000.pdf
20/37
RISK MANAGEMENT MATURITY AUDIT
Awareness
Confidence Image
Processes
Application Skills
CultureResources 32 44 23 1
1
3
2
4
4
2
3
1
4
3
2
1
1
2
3
4
1
4
3
2
1
1
2
3
4
STEP THREE
-
7/22/2019 131134073-ISO-31000.pdf
21/37
STEP THREE
DEVELOP THE SYSTEM
D l t d i l t ti
-
7/22/2019 131134073-ISO-31000.pdf
22/37
FOCUS GROUPS WITH KEY STAKEHOLDERS.
DOCUMENT THE SYSTEM
PILOT THE SYSTEM, COLLECT
FEEDBACK AND REFINE IT.
Development and implementation process
THE END RESULT
-
7/22/2019 131134073-ISO-31000.pdf
23/37
THE END RESULT
-
7/22/2019 131134073-ISO-31000.pdf
24/37
-
7/22/2019 131134073-ISO-31000.pdf
25/37
-
7/22/2019 131134073-ISO-31000.pdf
26/37
-
7/22/2019 131134073-ISO-31000.pdf
27/37
-
7/22/2019 131134073-ISO-31000.pdf
28/37
-
7/22/2019 131134073-ISO-31000.pdf
29/37
2008 Beijing Olympics
http://images.google.com.au/imgres?imgurl=http://prmeetsmarketing.files.wordpress.com/2008/04/beijing-olympics-2008.jpg&imgrefurl=http://prmeetsmarketing.wordpress.com/2008/04/09/off-topic-beijing-olympic-torch-relay/&h=280&w=367&sz=20&hl=en&start=3&tbnid=ni6IdzwdY45IyM:&tbnh=93&tbnw=122&prev=/images%3Fq%3Dbeijing%2BOlympics%26gbv%3D2%26hl%3Den -
7/22/2019 131134073-ISO-31000.pdf
30/37
2008 Beijing Olympics
http://images.google.com.au/imgres?imgurl=http://prmeetsmarketing.files.wordpress.com/2008/04/beijing-olympics-2008.jpg&imgrefurl=http://prmeetsmarketing.wordpress.com/2008/04/09/off-topic-beijing-olympic-torch-relay/&h=280&w=367&sz=20&hl=en&start=3&tbnid=ni6IdzwdY45IyM:&tbnh=93&tbnw=122&prev=/images%3Fq%3Dbeijing%2BOlympics%26gbv%3D2%26hl%3Den -
7/22/2019 131134073-ISO-31000.pdf
31/37
www.risk-opportunity.com
Companies using multimedia to manage risks include
-
7/22/2019 131134073-ISO-31000.pdf
32/37
Companies using multimedia to manage risks include
STEP FOUR
-
7/22/2019 131134073-ISO-31000.pdf
33/37
STEP FOUR
IMPLEMENT THE SYSTEM
Lessons
-
7/22/2019 131134073-ISO-31000.pdf
34/37
Lessons
Easy to change behaviour butdifficult to keep it changed!
Need to educate your employees,
clients and business partners abouttheir role in the process
Lessons
-
7/22/2019 131134073-ISO-31000.pdf
35/37
Risk
Manager
External specialist
consultants.
Information
manager
(Collection,
storage,
maintenance and
dissemination ofrisk-related
information.)
Intranet
Manager
(Maintain
MFMs
web
site.)
Risk analysts.
(Assistance in
statistical risk
analysis
using MRI,
Pinnacle,@Risk, Cougar
and RCM
Turbo)
Technical
advisers.
(Advice on
contractual,
legal,
insurance,safety,
environmental
matters etc.)
Human
Resources
(Selection,
training,
appraisal,
rewardsetc)
Effective support is crucial
esso s
Lessons
http://images.google.com.au/imgres?imgurl=http://www.freememberssupport.com/resources/_wsb_556x424_HandHoldingPeople.jpg&imgrefurl=http://www.freememberssupport.com/&h=424&w=556&sz=21&hl=en&start=10&tbnid=ItHdyLLqsPr8CM:&tbnh=101&tbnw=133&prev=/images%3Fq%3Dsupport%2Bpeople%26gbv%3D2%26hl%3Den -
7/22/2019 131134073-ISO-31000.pdf
36/37
People find the concept of risk
difficult to understand many need
help
Be patient its takes more time
than you think (5% rule!)
Expect resistance from strange
places
Lessons
http://images.google.com.au/imgres?imgurl=http://earthissquare.com/wp-content/uploads/2007/09/bush-confused.jpg&imgrefurl=http://www.earthissquare.com/index.php%3Fs%3Djavaforge&h=304&w=380&sz=12&hl=en&start=2&tbnid=IpV476Fpy7kxqM:&tbnh=98&tbnw=123&prev=/images%3Fq%3Dconfused%26gbv%3D2%26hl%3Denhttp://images.google.com.au/imgres?imgurl=http://earthissquare.com/wp-content/uploads/2007/09/bush-confused.jpg&imgrefurl=http://www.earthissquare.com/index.php%3Fs%3Djavaforge&h=304&w=380&sz=12&hl=en&start=2&tbnid=IpV476Fpy7kxqM:&tbnh=98&tbnw=123&prev=/images%3Fq%3Dconfused%26gbv%3D2%26hl%3Denhttp://images.google.com.au/imgres?imgurl=http://earthissquare.com/wp-content/uploads/2007/09/bush-confused.jpg&imgrefurl=http://www.earthissquare.com/index.php%3Fs%3Djavaforge&h=304&w=380&sz=12&hl=en&start=2&tbnid=IpV476Fpy7kxqM:&tbnh=98&tbnw=123&prev=/images%3Fq%3Dconfused%26gbv%3D2%26hl%3Denhttp://images.google.com.au/imgres?imgurl=http://bradyinc.com/MPj04003460000%255B1%255D.jpg&imgrefurl=http://www.bradyinc.com/ChangeFormula.htm&h=853&w=1280&sz=270&hl=en&start=2&tbnid=TxVjq8Z8JX7OvM:&tbnh=100&tbnw=150&prev=/images%3Fq%3Dresistance%2Bto%2Bchange%26gbv%3D2%26hl%3Denhttp://images.google.com.au/imgres?imgurl=http://bradyinc.com/MPj04003460000%255B1%255D.jpg&imgrefurl=http://www.bradyinc.com/ChangeFormula.htm&h=853&w=1280&sz=270&hl=en&start=2&tbnid=TxVjq8Z8JX7OvM:&tbnh=100&tbnw=150&prev=/images%3Fq%3Dresistance%2Bto%2Bchange%26gbv%3D2%26hl%3Denhttp://images.google.com.au/imgres?imgurl=http://bradyinc.com/MPj04003460000%255B1%255D.jpg&imgrefurl=http://www.bradyinc.com/ChangeFormula.htm&h=853&w=1280&sz=270&hl=en&start=2&tbnid=TxVjq8Z8JX7OvM:&tbnh=100&tbnw=150&prev=/images%3Fq%3Dresistance%2Bto%2Bchange%26gbv%3D2%26hl%3Denhttp://images.google.com.au/imgres?imgurl=http://earthissquare.com/wp-content/uploads/2007/09/bush-confused.jpg&imgrefurl=http://www.earthissquare.com/index.php%3Fs%3Djavaforge&h=304&w=380&sz=12&hl=en&start=2&tbnid=IpV476Fpy7kxqM:&tbnh=98&tbnw=123&prev=/images%3Fq%3Dconfused%26gbv%3D2%26hl%3Den -
7/22/2019 131134073-ISO-31000.pdf
37/37
Manage the risks of risk
management!
Senior management leadership and
commitment is crucial
Expect knock-on effects