1
ISO 31000
A new approach of the risk
and its management
Pr. Gilles Motet
Foundation for an Industrial Safety Culture
http://www.icsi-eu.org
Protezione del territoro verso l’EXPO 2015
Strategie e buone pratiche
Milano – February 19th 2009
2
New ISO standards
September 2009:
Guide 73 « Risk management – Vocabulary »(revision)ISO 31000 « Risk management – Principles and guidelines » (new)
Various organizations: industries, representatives, NGO, private & public, etc.Various sectors: health & safety, finance, transport, etc.
3
Contents
Risk
Risk Management Process
Risk Management Framework
Risk Management Principles
4
What risk means?
Risk = Hazard (1 st definition)
Example: Speed
Leads to an hazardous event
Risk treatment: hazard reduction
Why hazard is an issue?Leads to benefits ! (short journey)
5
What risk means?
Risk = Potential harms (2 nd definition)
Example: accident
Risk treatment: e.g. protection
Why are we using a car?
6
What risk means?
Objectives :Arrive at office safelyBefore 9H AMListening news to the radio
An hazardous event hampers these objectives to be achieved
Risk=effect of uncertainty on achievement of objectives
TimeDecision
Objectives
7
What risk means?
Historical change :
Hazard
Technician
Control
(technology)
Potential event
Engineer
Analyse (Model)
Objective
Manager
Decide(Decision-making)
8
Contents
Risk
Risk Management Process
Risk Management Framework
Risk Management Principles
9
Risk Management process
Risk is the effect of uncertainty on achievement of objectives
Means to achieve objectivesPlannedActual
Objectives
t0 t1
Time
10
Risk Management process
Risk management = coordinated activities to direct and control an organization with regard to risk
Expected result:
Objectives
t0 t1
Time
11
Risk Management process
Two parallel activities aiming atachieving objectives ( current activity)Controlling the effect of uncertainty ( risk management)
How to control risk?
Current activity Risk management
Effects
12
Risk Management process
Residual risks
Com
munication and consultation
Identification
Analysis
Evaluation
Treatment
Establishing the context
Monitoring and review
13
Contents
Risk
Risk Management Process
Risk Management Framework
Risk Management Principles
14
Framework
Processes have to beincluded in the activities, andcontrolled
by the organization
Framework includes:Specification of the top management mandate and commitmentTrade-off between various objectives: safety & securityDefinition of the means to be used by the processes (models, techniques, tools, etc.)Process improvement . . .
15
Framework
Process of the framework: a PDCAEx.
Assessment of techniques efficiencyUse of new techniques
16
Contents
Risk
Risk Management Process
Risk Management Framework
Risk Management Principles
17
Principles
Framework & process must be steered by principles. Example:
“Takes human and cultural factors into account” =>Internal context of the organization (framework)Stakeholders (process)
18
Questions ?
“For an Industrial Safety Culture”
http://www.icsi-eu.org