Dr. Bruno Bruehwiler, Vincent Tophoff  | 

Standard and related guidance

The global International Organization for Standardization (ISO) Standard 31000:2009—Risk Management, published in 2009, sets out principles, a framework, and a process for managing risk that are applicable to any type of organization in the public or private sector. 

Using ISO 31000 can help organizations increase the likelihood of achieving objectives, improve the identification of opportunities and threats, and effectively allocate and use resources for risk treatment. However, while ISO 31000 cannot be used for certification purposes, it does provide guidance for internal or external audit programs. Organizations using it can compare their risk management practices with an internationally recognized benchmark, providing sound principles for effective management and corporate governance.

In 2013, ISO published ISO/TR 31004:2013, Risk Management—Guidance for the Implementation of ISO 31000, which will help organizations smoothly align their risk management practices to ISO 31000. This technical report provides:

  • A structured approach to efficiently transition existing risk management practices to ISO 31000, with a dynamic outlook to adapt to future changes;
  • An explanation of the underlying concepts of ISO 31000 with advice and examples tailored to the user's individual needs; and
  • Additional guidance on the ISO 31000 principles and framework for the management of risk.

Revision

Organizations from around the world have had five years to implement the standard and gain experience with it. Generally, the standard has been well received and many organizations have successfully implemented the standard. This has led to new insights but the external environment has also changed. For that reason, the Core Risk Management Standards Working Group will meet in April 2014 in London to perform a limited editorial revision of the existing standard and prepare a substantial technical revision over the longer term. Almost 40 experts from 20 countries are engaged in these projects. 

Risk Management and the accountancy profession

Risk management is at the heart of the work of all professional accountants. Many professional accountants play a leading role in the management of risk in their organization or advise organizations evaluating and improving their risk management arrangements. In addition, all professional accountants deal with risk in all their daily activities.

As the global organization for the accountancy profession, IFAC actively participated in the development of the guidance for the implementation of ISO 31000 and will participate in the upcoming revisions of the standard itself. To this end, IFAC is very interested in your experiences with the standard and would like to hear from you on what, if anything, needs to be changed in the standard. Please share your comments below and we will share them with the working group. We look forward to your feedback and will keep visitors to the Gateway posted on the progress of the revision. Many thanks in advance!

Dr. Bruno Bruehwiler

ISO Core Risk Management Standards Working Group

Dr. Bruno Bruehwiler is the CEO of Euro Risk Limited in Zürich and has been appointed as convenor of ISO TC 262 Risk management WG “Core risk management standards”.  He is also the project manager of the ONR 49000-series which has been published in its 4th version recently. Dr. Bruehwiler is a professor for risk management at the Institute of Technology in Deggendorf/Bavaria and member of the board of its Institute for risk and compliance management. Dr. Bruehwiler is founder and chairman of the risk management network in Switzerland.  

Vincent Tophoff

Former Senior Technical Manager

Vincent Tophoff was a senior technical manager at IFAC, working with the Professional Accountants in Business Committee. Previously, he was a partner at INTE-Q Integration Management, a management accountancy consulting firm in The Netherlands and senior lecturer at the postgraduate accountancy program of the Vrije University in Amsterdam.