History of risk management standardization

The first national risk management standard, the joint Australian-New Zealand AS/NZS 4360:1995, was published in 1995 to systematize how risk is perceived and handled. The standard drew on the scientific work and management practice of Robert Maurice, Russell Gallagher, Douglas Barlow, Kenneth Joseph Arrow and others. Its successor, AS/NZS 4360:2004 "Risk management", gives general risk management guidelines intended to give senior management in government, private or public organizations, groups and individuals a clear basis for planning and decision-making, for accurately identifying opportunities and threats, and for acquiring the knowledge needed in situations of uncertainty and variability. The further development of standardization in risk management led the International Organization for Standardization (ISO) to create a single terminology (ISO/IEC Guide 73 "Risk management - Vocabulary") and general risk management guidelines (ISO 31000:2009 "Risk management - Principles and guidelines").

Since the end of the 20th century, standardization in the field of risk management has developed at the international, national and even sectoral levels. This is confirmed by the framework developed by the Committee of Sponsoring Organizations of the Treadway Commission (COSO, USA), the standard of the Federation of European Risk Management Associations (FERMA), the international standard ISO 31000:2009, and national standards adopted in Japan and in common-law jurisdictions such as Australia and New Zealand, Canada and the UK.

The leading role among international standards for risk management is played by the ISO 31000 series of standards, which currently includes:

  • ISO 31000:2009 "Risk management — Principles and guidelines"
  • ISO/IEC 31010:2009 "Risk management — Risk assessment techniques"
  • ISO Guide 73:2009 "Risk management — Vocabulary — Guidelines for use in standards"
The above standards were prepared by the risk management working group of the ISO Technical Management Board (TMB) with the aim of establishing common guidance, a common understanding and use of terms in the field of risk management, and recommendations on the selection and application of risk assessment methods. (The 2009 editions listed here have since been revised: ISO 31000:2018 replaced ISO 31000:2009 and absorbed the core vocabulary of ISO Guide 73:2009, and ISO/IEC 31010:2019 replaced ISO/IEC 31010:2009.)

The historical stages of risk management standards development are presented in the infographic (not reproduced here).

A distinctive feature of the US COSO framework is that its application is effectively obligatory for enterprises whose shares are listed on the New York Stock Exchange, whereas FERMA and ISO 31000 are advisory in nature. COSO ERM provides a conceptual framework for risk management, helps enterprises establish the relationships between strategic objectives, organizational structure and the eight main components of the risk management process, and gives recommendations for developing and implementing integrated control. The COSO documents are quite voluminous and complex to apply, so some modern enterprises use the FERMA standard as the basis for setting up risk management and complement it with the main elements of COSO ERM. As for the international standard ISO 31000, its distinguishing feature is its versatility: it is written to apply to any organization, sector or type of risk.

Risk management standards are not intended for certification purposes. The large number of international, national and sectoral risk-oriented standards indicates their active use and relevance. The modern development of risk management standards drives a transition from intuitive and fragmented risk management to integrated risk management. Integrating risk management into the overall management process is an effective and efficient risk management approach in line with global best practice.