ISO 31000:2018 Risk Management – Accelerate Business Performance

Share on facebook
Share on email
Share on twitter
Share on linkedin

The World Economic Forum describes the current competitive business landscape in a word: disruptive. How well an organisation approaches risk management in a climate of volatility can affect its ability to make robust and informed strategic decisions and achieve its objectives.

Download our FREE GUIDE ISO 31000:2018 How do I get started? where we investigate the 8 Principles that set out the requirements for a risk management initiative.

Traditionally, risk management played a supporting role at board level. However, over the past decade, organisations have adopted the view that risk management must be embedded in the general management of an organisation, and fully integrated across an enterprise with functions such as finance, strategy, internal control, procurement, continuity planning, human resources, and compliance.

Voices of stakeholders have become louder in their demand for transparency and accountability in managing the impact of risk, and evaluating the ability of leadership to embrace opportunities. The use of technology and economic globalisation have made risks increasingly entwined, placing even more emphasis on sound risk management within any organisation.

To keep pace with a rapidly evolving world and future threats, the International Organization for Standardization published a revised version of its Risk Management Standard in February 2018. Essentially, ISO 31000:2018 reflects the evolution of risk management thinking from a separate ‘siloed’ activity to an integrated management function. The overarching strategy of the standard is to embed risk management best practices on a micro-level within organisations so as to manage threats that stand in the way of enterprises achieving their objectives, and create value by finding and exploiting opportunity. This should grab the attention of anyone looking to gain competitive advantage, improve operations, or reduce costs within their organisation.

ISO 31000:2018 - Five Things to Know

1. It is clear and concise

The standard delivers a clear and concise guide to help all organisations manage risks. Risk management concepts are simply explained, giving diverse organisations and people the ability to access the tools that can drive change in order to protect and create value. ISO 31000:2018 is supplemented by ISO Guide 73:2009, a vocabulary index used to support ISO 31000:2018, and ISO 31010:2009 that focuses on risk assessment concepts, processes and the selection of risk assessment techniques.  ISO 31000:2018 has been trimmed down to just 15 pages, and risk management principles reduced from 11 to 8, which streamlines the process for implementation.

2. It is easy to implement

All organisations make decisions that shape their future every day. ISO 31000:2018 provides guidance on how to manage uncertainty to meet objectives, and how to implement risk management to support strategic decision making. This promotes intelligent risk taking at all levels of a business. Risk management best practices promote critical thinking about the role of uncertainty in decision making, and encourage the identification, assessment, and treatment of uncertainty that can impact daily business activities. Small organisations with limited room for exposure to adverse internal and external risks now have the ability to access invaluable tools to create a tolerable risk environment and protect value.

3. It creates and protects value

Creating and protecting value is the central tenant of ISO 31000:2018. If processes are not adding value, they are simply adding costs. The standard helps enterprises improve performance by embedding risk management into all business decision-making processes and making risk-based thinking a daily activity.

4. It reinforces integration

Integration is mentioned throughout the standard. Here are a few examples:

  • Risk management should be part of the organisational purpose, governance, leadership and commitment, strategy, objectives and operations.
  • Properly designed and implemented, the risk management framework ensures that the risk management process is a part of all activities throughout the organisation.
  • The organisation should continually improve the suitability, adequacy and effectiveness of the risk management framework and the way the risk management process is integrated.
  • The risk management process should be an integral part of management and decision-making and should be integrated into the structure, operations and processes of the organisation.

5. It focuses on leadership

Support from top management is essential for successful implementation of the risk management framework and processes. Leadership support for risk management becoming a strategic planning and decision-making tool creates a risk aware culture at all levels of the organisation.


ISO 31000:2018 can help create and protect value for any organisation by providing a flexible framework. If individuals are given the tools to promote critical thinking on how uncertainty can impact meeting objectives then the organisation should see an increase in value from an integrated risk management framework.

Ready to get started?

Risk ZA is a leading provider of enterprise risk management training programmes, which aim to improve your business performance. Contact us on +27 (0) 31 569 5900, email info@riskza.com or visit www.riskza.com.

PLUS! Download our FREE GUIDE ISO 31000:2018 How do I get started? where we investigate the 8 Principles that set out the requirements for a risk management initiative.

For more information or guidance on which ISO standard(s) and services would best suit the needs of your organisation, please email Risk ZA at info@riskza.com or contact us on 0861 Risk ZA / +27 (0) 31 569 5900.

You can share this blog on your preferred social media platform:

Share on facebook
Share on twitter
Share on linkedin
Share on email

How to become more effective: building sustainable business

How to become more effective: building sustainable business
Share on facebook
Share on google
Share on twitter
Share on linkedin

Business owners and executives are facing a complex set of social, environmental, market, political, and technological changes. A substantive number of organisations and industries in South Africa have been experiencing rapid, massive, and sometimes devastating change over the last 10 years. This rapidly-changing environment requires flexible, innovative and sustainability-based management, supported by management systems that can accommodate them.

Understandably, organisations are reluctant to place sustainability at the centre of  business strategy, believing that costs outweigh the benefits. On the contrary, business experience points to the opposite effect – embedding sustainability can benefit performance and ensure survival.

The competitive advantage of stakeholder engagement

The aim of traditional business models is to create value for investors. Today, organisations are involved in multiple relationships, making them interdependent and reliant on each other for success. Sustainable organisations create value through engagement with stakeholders, which places them in a position to anticipate and react to changes when they arise.

An instance of the necessity for adapting to change is evident in South Africa. Everyone understands that development and economic growth are impossible without sustainable water supplies. Many public and private organisations still focus solely on improving water efficiency or implementing water-related corporate social responsibility projects. A great example present – while SABMiller works to improve water efficiency in its operations, the organisation’s water risk occurs beyond the factory gate.  To secure its water supply, SABMiller has formed key partnerships to understand shared water risk in Tanzania and South Africa.

Until recently, water stewardship was a fringe idea. However, organisations like Nestlé and Coca-Cola have emerged as influential water stewardship leaders, joining forces with the International Finance Corporation to form the 2030 Water Resources Group, which tackles water scarcity.

Good stakeholder relations can also avert disastrous conflict situations, which can severely disrupt operations. The Marikana tragedy of 2012 is a sobering reminder. Investors took a huge knock and responded by questioning whether the strike pointed to wide-spread labour relations problems in the Lonmin Group, and spelt the end for South African platinum mining.

Improving Risk Management

Global supply chains are vulnerable to many risks. A McKinsey survey revealed that 90% of organisations could point to ‘a specific event or risk’ – such as consumer pressure  – that triggered their commitment to sustainability. McKinsey reports that risk related to sustainability issues can be as high as ‘70% of earnings before costs’.

In the agriculture, food, and beverage sectors climate change can alter growing conditions, causing disruptions in supply. Nestle works with small scale cocoa producers in West Africa and other countries to improve crop yields, train farmers and monitor child labour practices.

Unlike traditional business risk, social and environmental risks manifest over a longer period, often affecting an organisation in multiple areas. These risks are largely outside the organisation’s direct control, and managing them may require investments for capacity building and developing adaptive strategies.

Fostering Innovation

Investing in sustainability can drive innovation. Redesigning products to meet environmental or social needs offers new opportunities. Unilever has embraced an end-to-end sustainability approach and has responded to water-scarcity by developing a dishwashing liquid that uses less water. Sales of the product outpace category growth in certain water-scarce markets.

Building Customer Loyalty

Today’s consumers expect transparency and honesty, and can choose from many sustainable, competitively priced products. In fact, in the food and beverage industry, a growing number of consumers are considering values beyond price and taste in their purchasing decisions.

Improving Financial Performance

Over and above the financial benefits that arise from competitive advantage and innovation, organisations are saving costs through better management of natural resources. Moreover, investors are paying attention.

By tracking environmental, social and governance factors, investors are seeing an overall improvement in financial performance. Dow Chemical has an ambitious environmentally-driven business model, which CEO Andrew Liveris  says is good for the earth and the bottom line.

ISO standards support long-term sustainable success

Sustainability can only be achieved by following a relentlessly process of continual improvement. ISO has developed a number of standards, each of which details approaches to achieving long-term sustainable success.

An organisation can thrive in any one of the following areas, by either implementing a standalone or an integrated Management System:

ISO 9001:2015 Quality Management Systems (QMS)

ISO 9001:2015 focuses on continual improvement and provides management with the ability to improve by bringing together quality management system results and business performance results.

ISO 14001:2015 Environmental Management Systems (EMS)

ISO 14001:2015 focuses on continual improvement and promotes environmental sustainability.

ISO 45001:2018 Occupational Health and Safety Management Systems (OHS)

ISO 45001:2018 focuses on risk assessments related to workplace hazards with participation across the organisation and drives continual improvement.

ISO/DIS 50001 Energy Management Systems (EnMS)

ISO/DIS 50001 (pending a release of revision) focuses on continual improvement and assists organisations to integrate Energy Management into their efforts to improve Environmental Management.

For more information or guidance on which ISO standard(s) and services would best suit the needs of your organisation, please email Risk ZA at info@riskza.com or contact us on 0861 Risk ZA / +27 (0) 31 569 5900.

You can share this blog on your preferred social media platform:​

Share on facebook
Share on google
Share on twitter
Share on linkedin