This short and accessible guide explains the concepts of risk management and how to implement a risk management system. The guide is written in a style to appeal to risk managers, others with risk management responsibilities, or those with a more general interest in the subject. It embraces the latest revision of the international risk management guidelines, ISO 31000:2018, formally launched by BSI in London on 26 March, and the latest version of the COSO Enterprise Risk Management Framework, published in 2017.
Executive editor Fiona Davidge, enterprise risk manager for Wellcome Trust, explained that "EXPLAINED: Risk and managing risk" is aimed at anyone in an organisation, no matter what size, who has responsibility for managing risk. "About 90 percent of risk management is done by non-risk managers, even in large organisations that have a professional risk manager," she said at the launch.
The 50-page document sets out the principles, framework and process of risk management in plain English. Contents include:
- A definition of risk
- Risk management principles
- Governance and framework
- Leadership commitment and culture
- Articulating risk in the organisation
- Risk communication, reporting and monitoring
- Business continuity, resilience and insurance
Julia Graham, Airmic deputy CEO and technical director, stressed the importance of managing risk dynamically so organisations can take advantage of opportunities as well as mitigate threats. "Everyone in an organisation has a responsibility for managing risk. This guide sets out common issues in a dynamic and easy to read style and is suitable for all those interested in risk and managing risk and for all types of organisation - large and small."
The guide, the latest addition to the Explained series, can be downloaded here
Fiona Davidge, enterprise risk manager, Wellcome Trust