ISO 31000 and ERM - Pg. 66

Enterprise Project Governance

and risk management. 13 The standard supports a simple way of thinking about risk and risk management and is designed to resolve the many inconsistencies and ambiguities among differing approaches and definitions. Every organization has its own unique risk footprint and its own risk management challenges. The aim is to establish a consistent framework that can be integrated across various industries and regions and adopted by any organization--including public, private, not-for-profit, and government entities--to benefit all organizations confronting the always problematic challenges of managing risk.

ISO 31000 defines risk as the effect of uncertainty on objectives. Risk is the consequence of an organization's setting and pursuing objectives against an uncertain environment. The uncertainty is driven by internal and external factors that may prevent the organization from achieving its objectives. Striving toward business goals always carries an element of risk and uncertainty, and the effective management of that risk makes possible meeting the established