Tag: enterprise risk management

ISO 22316: Security and Resilience

The new ISO 22316 standard on organizational resilience will be published at the beginning of 2017 at the latest. It has been developed by the ISO/TC 292 – Security and resilience – committee of the International Organization for Standardization in Geneva.

Organizational resilience is the ability of an organization to respond and adapt to change. Resilience enables organizations to anticipate and respond to threats and opportunities, arising from sudden or gradual changes in their internal and external context. Enhancing resilience should be a strategic organizational goal. It is a relative and dynamic concept rather than a specific activity or fixed state. The factors that enhance an organization’s resilience are unique to each organization. Organizations can only be more or less resilient and there is no absolute measure or definitive goal.

Top management commitment to enhance organizational resilience will contribute to:

  • an improved capacity to anticipate and respond to threats and opportunities;
  • an ability to identify and address vulnerabilities before they have a material impact;
  • a more coordinated approach to integrate existing management disciplines that support organizational resilience; and
  • a greater understanding of interested parties and dependencies that support strategic goals and objectives.

Brian Roylett (Australia), the project leader responsible for the development of ISO 22316, explains:

“An organization’s adaptive capacity is a product of a wide range of capabilities including the ability to anticipate, respond to, and recover from disruptive events. These are often supported by well-established processes such as risk management and business continuity initiatives, which are usually the focus of key activities to enhance resilience. Organizations should also establish agile and flexible business structures and management systems allowing them to adapt to changing circumstances.”

The project team working with ISO 22316 consists of international experts, practitioners, researchers, senior cross-functional leaders and decision makers in the areas of organizational culture, leadership, support processes, and risk management systems. People with the capacity and experience should get involved to actively influence the content of this organizational resilience standard by sharing and gaining knowledge.

Narim on work floor risk management

Narim conference stresses importance of work floor to risk management

“In recent years risk managers have focused on getting their voice heard in the boardroom, but according to Dutch risk managers, the work floor presents the biggest challenge to embedding risk management throughout an organisation.

A poll of audience members at last week’s Netherlands Association of Risk and Insurance Managers (Narim) congress in Utrecht revealed that 64% consider the work floor the hardest part of the organisation to convince of the benefits of risk management, compared to management (19%) and the boardroom (17%).”

Source: Commercial Risk Europe

ISO 31000 – Risk Management

PRIMO has selected ISO 31000 as one of its main frames of thinking in approaching public risks.

The International Organization for Standardization: “Risks affecting organizations can have consequences in terms of economic performance and professional reputation, as well as environmental, safety and societal outcomes. Therefore, managing risk effectively helps organizations to perform well in an environment full of uncertainty.”

ISO 31000:2009

ISO 31000:2009, Risk management – Principles and guidelines, provides principles, framework and a process for managing risk. It can be used by any organization regardless of its size, activity or sector. Using ISO 31000 can help organizations increase the likelihood of achieving objectives, improve the identification of opportunities and threats and effectively allocate and use resources for risk treatment.
However, ISO 31000 cannot be used for certification purposes, but does provide guidance for internal or external audit programmes. Organizations using it can compare their risk management practices with an internationally recognised benchmark, providing sound principles for effective management and corporate governance.

Internal control of local public sector entities

11 March 2015, COSITAL

Today the text of the draft Royal Decree regulating the legal regime for the internal control of local public sector entities officially reached the General Council. It was drawn up by the Ministry of Finance and Public Administration in implementation of Law 27/2013 of 27 December on the rationalisation and sustainability of local administration, and the General Council of COSITAL and other interested parties may submit comments on it within a period of fifteen working days.

In accordance with the Internal Rules of Procedure of the General Council, a session of the General Council's Board of Autonomous Community Representatives will be convened, to be held on 17 April, and a session of the Council's Executive Committee on the 18th.

Guidelines for Emerging Risk Governance

Project by Ortwin Renn

“IRGC’s current work aims to produce overarching Guidance on Emerging Risk Governance, as a set of flexible guidelines that support public and private organisations in their work to design internal processes to proactively deal with emerging risks:

  • Anticipate emerging risks and opportunities: identify, evaluate and prioritise potential threats and opportunities
  • Respond to emerging risk: assess and respond to those threats that may develop into risks to an organisation

The guidelines build upon previous IRGC work on causes and factors contributing to risk emergence (The Emergence of Risks: Contributing Factors, 2010) as well as on the main obstacles that organisations in the private sector face when they try to manage emerging risks (Improving the Management of Emerging Risks, 2011), and draw from consultations with academics and practitioners in the public and private sector who have developed their own processes for emerging risk identification and assessment. Moreover, substantial input to the Guidelines was provided at the Roundtable Discussion on Emerging Risk Governance in June 2014.”


Corruption risk in Spain

Mapping high-level corruption risks in Spanish Public Procurement

High-level corruption and fraud have had an increased impact on the social and political debate in Spain, especially since the beginning of the financial crisis when several cuts in social spending were made. Greater attention is being paid to where and how the government spends its public funding. This paper explores the extent and forms of political corruption in Spanish public procurement. Its main contribution is the rich analytical discussion of high-profile corruption scandals involving public procurement, such as the Gürtel case or the Palma Arena case, with particular focus on ‘red flags’ indicating likely corruption in public procurement procedures.

It also provides a comprehensive introduction to the Spanish public procurement institutional structure, a comparison with the European public procurement directives, and a broad statistical overview of public procurement in Spain. Another relevant feature of this paper is the in-depth description of how and where to access public procurement information, indicating the main issues that may arise and pose a risk to transparency. Deeper knowledge of the structure, regulatory framework and nature of Spanish public procurement makes it possible not only to understand the large number of current corruption scandals in Spain, but also to explore the failures and potential improvements.

Download report (February 2015)

Common Assessment Framework (CAF)

Source: Bestuurszaken.be

Entities of the Flemish government use the Common Assessment Framework (CAF) instrument to measure and structure their operations. CAF, an instrument for total quality management, is based on the EFQM model and on the model of the German University of Administrative Sciences in Speyer. The quality model was developed specifically for public sector organisations.

Philosophy of the model

“The model starts from the premise that an organisation performs excellently and achieves outstanding results for the citizen/customer, for its employees and in its immediate environment thanks to leadership that steers the strategy and planning, the employees, the partnerships, the resources and the processes. It approaches the organisation simultaneously from different angles. We call this a holistic analysis of the functioning of an organisation.”

The CAF is offered as an instrument to help public sector organisations across Europe use quality management techniques to improve their performance. To that end, the CAF provides a simple, easy-to-use framework that is suitable for the self-assessment of public services.
