标准2025ISO 31000:2009是关于风险管理的标准,该项标准旨在过管理风险、做出决策、设定和实现目标,以及提高绩效来创造或保护公司的价值。该项标准的修订过程发现了保证风险管理简单化的重要性。
ISO 31000:2009风险管理—原则与指南的修订版已进入国际标准草案阶段(DIS),目前草案已进行公众评议。这意味着什么?自2015年3月以来委员会草案(CD)阶段的修订过程中又发生了什么呢?
修订工作遵循一个明确的目标:让事情变得更简单,更清晰。通过使用简洁的语言来表达风险管理的基本原理,语言连贯且易于理解。
该标准提供了有效和高效的风险管理的好处和价值指南,并且有助于组织在追求目标的同时更好地理解和处理自身面临的不确定性。
主要的任务是在给出充分详细的指导和编写整本教科书之间找到恰当的平衡点。考虑到这一点,文本就会综小到基本概念,以制定成了一个易读且应用广泛的文件,更短、更清晰、更明确。
这并不是说对某些用户来说重要的具体含义和分类术语消失了。正相反,提供更详细更精确的信息是修订的一个重要方面。
为了避免压缩标准并使其变得过于复杂,决定减少ISO 31000的术语,只保留主要概念,并把一些词语转移到ISO Guide 73 风险管理——词汇标准中去,是专门针对风险管理的术语,可以和 ISO 31000一起阅读。
该标准加强了其通用质量,为专家和用户提供了重拾信心的依据。每个用户面对不同风险的挑战,但需要和其他利益相关方相互理解和交流。因此,关于构建风险管理框架的条款,其中包含相关的所有可能的用户指南,增加了对于不同国家和产业的其它概念和案例。
“我们想要传达给的DIS读者的信息是批判性地评估当前草案是否能够提供所需的指南,同时保持和所有国家的所有组织的相关性。记住这一点很重要,我们不是起草一项欧洲或美国标准,也不是公众或金融服务标准草案,而是起草一个非常通用的国际标准。”贾森.布朗解释道,他是制定这项标准的ISO/TC 262风险管理技术委员会主席。
很多复杂的语言已不再使用,所以文本精简精确,读者会发现它更容易理解。新草案比CD短,但它更清晰、更精确、更容易阅读。它还有一些实质性的改进,如,强调了人类和文化因素在实现组织目标的重要性,强调风险管理在决策过程的重要性。也就是说,ISO 31000的整体信息保持不变——把风险管理整合到战略和运营管理系统中。
下一步是完成修订工作,以进入国际标准草案(FDIS)阶段。预计新版本的ISO 31000将在2017年底或2018年初发布。
ISO 31000 revision moves towards a clearer and more concise text
ISO 31000:2009 on risk management is intended for people who create and protect value in an organization by managing risks, making decisions, setting and achieving objectives and improving performance. The standard’s revision process discovers the virtues of keeping risk management simple.
The revision of ISO 31000:2009, Risk management – Principles and guidelines, has moved one step further to Draft International Standard (DIS) stage where the draft is now available for public comment. What does it mean? And what happened in the revision process since the Committee Draft (CD) stage in March 2015?
The revision work follows a distinct objective: to make things easier and clearer. This is achieved by using a simple language to express the fundamentals of risk management in a way that is coherent and understandable to users.
The standard provides guidelines on the benefits and values of effective and efficient risk management, and should help organizations better understand and deal with the uncertainties they face in the pursuit of their objectives.
The major task was finding the right balance between giving sufficiently detailed guidance and writing an entire textbook. With this in mind, the text has been reduced to its fundamental concepts to create a shorter, clearer and more concise document that is easier to read whilst remaining widely applicable.
That’s not to say that the specific meanings or sectorial jargons that are important to certain users have disappeared. On the contrary, providing more detail and precise information has been an essential aspect of the revision.
To avoid weighing down the standard and making it too complex, it was decided to reduce the terminology of ISO 31000 to the barebone concepts and move certain terms to ISO Guide 73, Risk management – Vocabulary, which deals specifically with risk management terminology and is intended to be read alongside ISO 31000.
Strengthened by its generic quality, the standard provides the basis for renewed confidence between experts and end users, who each face specific challenges in terms of risk but need to understand and communicate with others stakeholders. As such, the clause on building a risk management framework, which contains guidance that is relevant for every possible user, has since been augmented with additional concepts or examples that are specific to countries and industries.
“The message our group would like to pass on to the reader of the DIS is to critically assess if the current draft can provide the guidance required while remaining relevant to all organizations in all countries. It is important to keep in mind that we are not drafting an American or European standard, a public or financial services standard, but much rather a generic International Standard,” explains Jason Brown, Chair of ISO technical committee ISO/TC 262, Risk management, that developed the standard.
A lot of the complicated language has been eliminated, so the text is leaner and more precise with the expectation that the reader will find it simpler to understand. The new draft is shorter than the CD, but it gains in clarity and precision and is much easier to read. It also includes some substantial improvements, such as the importance of human and cultural factors in achieving an organization’s objectives and an emphasis on embedding risk management within the decision-making process. That said, the overall message of ISO 31000 remains the same – integrating the management of risk into a strategic and operational management system.
The next step in the process will be to finalize the revision work to reach the Final Draft International Standard (FDIS) stage. The new version of ISO 31000 is expected to be published at the end of 2017 or early 2018.