Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

Share this Page URL

06 Risk management standards > Alternative approaches - Pg. 65

Risk Management standards 65 f I g u r E 6.4 Risk management process from ISO 31000 Establishing the context Risk assessment Risk identification Communication and consultation Risk analysis Monitoring and review Risk evaluation Risk treatment This figure taken from international standard ISO 31000:2009 Risk Management ­ Principles and Guidelines, is reproduced with the permission of the International Organization for Standardization, ISO. This draft standard can be obtained from any ISO member and from the website of the ISO Central Secretariat at the following address: Copyright remains with the ISO. Alternative approaches The approach adopted by the Canadian Criteria of Control (CoCo) framework produced by the Canadian Institute of Chartered Accountants is based on the idea that the risk culture of the organization is the most important consideration. If the risk culture is correct, then the successful management of risks should follow. The CoCo framework states that: A person performs a task, guided by an understanding of its purpose (the objective to be achieved) and supported by capability (information, resources, supplies and skills). The person will need a sense of commitment to perform the task well over time. The person will monitor his or her performance and the external environment to learn about how to do the task better and about changes to be made. The same is true of any team or work group. In any organization of people, the essence of control is purpose, commitment, capability and monitoring and learning.