Compliance - Implementing Risk Management

Implementing Risk Management

Uploaded by

Paulo Reis
Copyright: © All Rights Reserved

Implementing Risk Management in an Organization

Before discussing how to implement effective risk management, it is necessary to briefly understand some concepts.

Risk is a deviation from what is expected; it may be positive, negative or both, and may address, create or result in opportunities and threats.

Risk management is the set of coordinated activities to direct and control an organization and, together with internal controls, is a concern for all organizations, be they small, medium-sized or large corporations.

The ABNT NBR ISO 31.000:2018 and NBR IEC 31.010:2021 (Risk Management – Techniques for the Risk Assessment Process) standards contain principles that should be used in the implementation of risk management, improving performance, encouraging innovation and supporting the pursuit of the organization's objectives.

(1st) step - INTEGRATION - Risk management is an integral part of all organizational activity.

(2nd) step - STRUCTURE AND COVERAGE - A structured and comprehensive approach to risk management contributes to consistent and comparable results.

[Figure, labelled ABNT NBR IEC 31.010:2021: scope, contexts and criteria; risk analysis; risk assessment; risk treatment; monitoring and critical analysis; records and reports; communication and consultation.]


(3rd) step - CUSTOMIZED - The structure and process of risk management should be
customized and proportional to the external and internal contexts of the organization
related to its objectives.

(4th) step - INCLUSIVE - The appropriate and timely involvement of stakeholders enables their knowledge, points of view and perceptions to be considered.

This results in better awareness and reasoned management of risks.

(5th) step - DYNAMIC ASSESSMENT AND MEASUREMENT - Risks may emerge, change or disappear as the external and internal contexts of an organization change. Risk management anticipates, detects, recognizes and responds to these changes and events in an appropriate and timely manner.

In this context, there are 42 techniques to identify, understand and assess all types of risks (NBR IEC 31.010:2021).

Techniques for getting points of view from stakeholders:
➢ Brainstorming;
➢ Structured interviews;
➢ Delphi techniques.

Techniques for identifying risks:
➢ List;
➢ FMEA/FMECA;
➢ HAZOP.

Techniques for determining sources, causes and risk factors:
❖ Ishikawa diagram (fishbone);
❖ Root cause analysis.

(6th) step - BEST AVAILABLE INFORMATION - Risk management explicitly takes into account any limitations and uncertainty associated with this information and expectations. As a best practice, it is important that this information is clear and available to stakeholders.

(7th) step - HUMAN AND CULTURAL FACTORS - Human and cultural factors should be observed in organizations.

(8th) step - CONTINUOUS IMPROVEMENT - Risk management is continuously improved through learning and experiences.

Rio de Janeiro, May 28, 2023.

JOHN GALARANI
CALL 55(21)96530-3297

COMPLIANCE OFFICER, AML/CFT And LGPD/GDPR
