An ISO working group, hosted at the offices of law firm DLA Piper in London, has put forward proposals for limited revision of the enterprise risk management standard ISO 31000 and an update to the language guide which accompanies it, Guide 73. Their recommendations will go forward to the next meeting of the ISO 31000 technical committee and the working group, which will take place in Istanbul in September. The aim is to have the new documents available before the end of 2016.
FERMA President Julia Graham serves in a non-voting, liaison role for FERMA on both the technical committee and working group, and she is one of the two UK experts on the working group. Julia says, “ISO 31000 has become the most popular enterprise risk management standard in the world and one of the most popular standards in the ISO standards library. It has stood the test of time very well, but it was published in 2009 and it is considered that some modification is required to bring the content and language up to date.”
The ISO technical committee created the working group to begin the work of revision when it met in Chicago in September 2013. The London meeting included representatives from Austria, Australia, Canada, China, France, Germany, Ireland, Italy, Japan, Mexico, Netherlands, New Zealand, Switzerland and the United States in addition to the UK.
The working group considered several pages of comments on the revisions proposal, and using the opportunity of uch an international gathering being in London, received a number of presentations on current topics focused on resilience, including a presentation by Airmic chief executive John Hurrell on Airmic’s research report Roads to Resilience.
After much debate, the working group put forward a design specification for adoption by the Technical Committee.Having studied the implications of both a limited and a full technical revision of ISO 31000 and Guide 73, it proposed to
concentrate its resources on a limited revision and not yet start a full technical revision.
The working group also recommended that the technical committee consider creating:
- A study group on human and cultural factors;
- A study group on risk management maturity;
- A group to continue working on an ISO 31000 survey for discussion in Istanbul;
- A less formal study group to look at other potential work items, such as risk appetite and risk management in SMEs.