Search Results for: Change Management

Are We Missing the Point of Risk Management Activities?

Guest Post by Geary Sikich (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

The focus of this article is on the application of guidance (ISO 31000, FFIEC, etc.) often resulting in the appearance of compliance resulting from a checkbox perspective rather than actually and actively identifying and managing risk(s) by organizations.

In Risk Management: History, Definition and Critique, by Georges Dionne (March 2013 – CIRRELT-2013-17); the opening statement from the Abstract is revealing: [Read more…]

by Fred Schenkelberg Leave a Comment

The Check Step of a Risk Management Framework

Planning and Implementing a risk management framework is an admirable accomplishment. Now make sure it is running well and will do so into the future.

As with any process, there will be opportunities to make improvements. By monitoring and reviewing your program you will find what is working well and what is not. [Read more…]

by Greg Hutchins Leave a Comment

ERM in ISO is Enhanced Risk Management

ISO maintains risk has implicitly been a part of the standard since the ISO 9001:2015 revision. How? In the new standard, ‘preventive action’ has evolved to ‘actions to address risk and opportunities.’ This changes the Corrective Action – Preventive Action (CAPA) model. In the past, Preventive Action was implemented as a result of Corrective Action specifically to prevent the recurrence of the nonconformity. [Read more…]

by Fred Schenkelberg Leave a Comment

Reliability and Implementing a Risk Management Plan

With the advent of ISO 31000 and other ISO standards suggesting organizational risk management practices, your organization may have or soon will implement a risk management plan. Reliability of your products, systems, or assets is an element of the organization’s risk profile.

As reliability professionals, your knowledge and skills are a natural fit within any risk management plan. You may focus exclusively on the reliability performance-related risks You may find the skills and tools to identify and mitigate risks play an important role beyond just reliability performance.

Large and small organizations face risks. The lines of communication differ as do the context, culture, and management practices between any two organization. The implementation of a risk management plan has to fit your organization.

Here are few general guidelines and practical considerations when implementing your organization’s risk management plan. [Read more…]

by Fred Schenkelberg 2 Comments

The Difference Between Risk Management and Enterprise Risk Management

The uncertainty concerning the future performance of a product or system is a risk to the customer and supplying organization. A product that fails too often or in an unsafe manner may require repair, replacement, or a recall.

A product’s performance including its reliability performance reflects on the organization that designs, builds, and sells the product. A poor reliability performance is no longer a risk to that individual product, rather it is a risk to the product line and organization as well.

Reliability professionals have long been involved with identifying and mitigating risks. The increased emphasis on enterprise risk management through standards such as ISO 31000 require reliability professionals to consider the larger risk management framework and how reliability related risks fit within the larger context. [Read more…]

by Fred Schenkelberg Leave a Comment

Asset Healthcare Management

Guest Post By: Luis Daniel Khalil

Condition monitoring can help to predict failures and anticipate to them, however it doesn’t always work like this — in the best case scenario we might be able to identify early phase failures or incipient stage of damage mechanisms or failure mechanisms, but if we use it in the wrong manner it will just be a reactive tool.

More than 80% of the failure modes could be randomly patterned. Although performance, vibration, temperature or lube oil condition are being monitored, many of the failures are still not directly predicted by only these conditions. [Read more…]

by James Kovacevic 1 Comment

72 – Asset Integrity Management Systems with Ali Bashir

Asset Integrity Management Systems with Ali Bashir

Whenever we talk about asset management, asset integrity is the first thing that pops up in your mind. Asset integrity is the ability of an asset to perform effectively and efficiently depending upon the environment to meet the bottom-line of an organization. This also includes and depends on the integrity of the systems, processes, and people that show the nature of that organization. Your asset management strategy should be fit for purpose and needs to be developed considering the requirements of the organization along with the risks that are involved if it fails. This is where the Asset Integrity Management Systems come in action.
ᐅ Play Episode

by Leave a Comment

ISO 3100: Enterprise Risk Management

ISO 31000: Enterprise Risk Management

by Greg Hutchins PE CERM

This book is the first and only book that describes ISO 31000 in terms of:

Architect the system. Architecting means determining which elements of the risk management framework, system, or process should be used and tailored based on the organizational context.
Design the system. Designing the system means determining how each element of the risk management process can be tailored to specific organizational stakeholders, customers, and interested parties.
Implement the system. Implementing means integrating the risk management framework and process into the organization’s general management system. This step is often a behavioral and cultural change in the project.
Assure the system. Assuring means risks are being controlled within the organization’s risk appetite and objectives are being met.

ISO 31000: Enterprise Risk Management Benefits

ISO 31000 risk management framework is descriptive not prescriptive. It describes in general terms risk management principles and elements of a framework. The purpose of the framework is to integrate risk management into ISO management systems such as ISO 9001:2015 or ISO 14001:2015. ISO 31000 is written so an organization may tailor its components to its context and specific requirements.

ISO 31000: Enterprise Risk Management is adaptable to different organizations, contexts, statutes, and environments. Properly architected, designed, implemented, and assured, ISO 31000: Enterprise Risk Management book offers you the following benefits:

Is an international standard that more than 60 countries have adopted as a national risk standard.
Is practical for the small to medium sized organization getting into Risk Based Thinking.
Can be applied and integrated into ISO management systems easier than any risk management framework.
Can be applied to organizations in almost any sector, maturity level, and capability level.
Is an open ended guideline that is flexible and open to interpretation so it can be applied universally.
Encourage proactive, preventive, preemptive, and predictive™ decision making rather than reactive management.
Identify and treat risks throughout the enterprise.
Improve identification of upside risks (opportunities) and downside risks (threats).
Comply with legal and regulatory requirements.
Improve financial reporting.
Improve corporate governance, risk, and compliance (GRC).
Improve stakeholder confidence and trust.
Improve ‘Tone at the Top’ and other soft controls.
Establish a reliable basis for risk based, problem solving and decision making.
Improve operational risk controls.
Allocate resources effectively and efficiently for risk management, treatment, and mitigation.
Improve operational effectiveness, efficiency, and economics.
Improve incident management and prevention.
Identify and minimize possible losses.
Is structured around the PDCA cycle that most operations, six sigma, and quality professionals understand.
Is a short standard that can be read easily and quickly.

ISO 31000: Enterprise Risk Management Chapters

Introduction
ISO Risk Based Thinking
ISO 31000 Risk Management Principles
ISO 31000 Risk Concepts and Definitions
ISO 31000 Framework for Managing Risk
ISO 31000 Risk Management Process
ISO 31010 Risk Assessment Tools and Techniques
ISO 31000 Enhanced Risk Management
Appendix
Risk Glossary

by Greg Hutchins Leave a Comment

ISO 31000 as an Enterprise Risk Management Standard

ISO 31000 is 23 pages long, but these pages provide an entry level Enterprise Risk Management (ERM) guideline.

Why is this important?

An organization develops ISO 31000 ERM capabilities to provide a structured, consistent, disciplined, and achievable approach to risk management that facilitates Risk Based Thinking throughout the organization. Risk Based Thinking is composed of 1. Risk based, problem solving (RB – PS) and 2. Risk based, decision making (RB –DM). Both RB – PS and RB – DM are the basis for all management and supervision. We discuss this in our new book: ISO 31000: Enterprise Risk Management.

Interestingly, we wrote a 230 page book packed with loads of information for a 23 page standard. And oh by the way, we could have written another 200 pages. [Read more…]

by Fred Schenkelberg 1 Comment

A Framework for Risk Management

Making or supporting decisions involving product or system reliability is fraught with uncertainty. Is it reliable enough? Will failures occur prematurely? Are failures dangerous?

Uncertainty is risk.

In recent years more organizations and international standard bodies have focused on risk management. Identifying, analyzing, and mitigating uncertainty in a systematic manner.

There is not a set way for every organization to organize a risk management process. The ISO 31000 standard does describe a framework for the implementation of risk management within your organization. [Read more…]

by Fred Schenkelberg 2 Comments

CRE BoK and Risk Management

The New ASQ CRE BoK Group: Risk Management

The 2018 ASQ CRE Body of Knowledge has a new top-level section titled II. Risk Management.

A few of the topics, 6 of the 9, are the same or similar to topics in the previous CRE BoK. There are three new topics that extend the reliability engineers need to know, understand, and use risk management tools.

Overall the new section of Risk Management has three groups of topics:

A. Identification

B. Analysis

C. Mitigation

Let’s take a quick look at the details in this new section and highlight the changes and new elements. [Read more…]

by James Reyes-Picknell Leave a Comment

Capital Asset Management: Setup part 3

What is added to the capital investment?

Your upfront capital investment must go beyond engineering, procurement and building costs. Additional activities that will need to be done that fit within the 2 – 3 % of capital cost figure are:

RCM analysis on the new design (preferably at both concept and detailed design phases so you can incorporate design change recommendations easily) [Read more…]

by James Reyes-Picknell Leave a Comment

Capital Asset Management: Setup — part 2

The rest of us are missing the boat!

Check out part 1, too.

RCM has two potential uses – to set you up for success or to regain success from the jaws of failure.
Regardless of when you use it though, RCM alone isn’t enough to get all the benefits. Applying it after the systems are in service, to recover shortfalls in performance, and then failing to follow up on RCM’s results only delivers part of the benefit. That’s where the aircraft and nuclear industries and the military have it right – they take those extra needed steps. The rest of us don’t! [Read more…]

by Fred Schenkelberg Leave a Comment

Uncertainty and Risk Management

We are rather good at being surprised when setting expectations for the future. This is the essence of risk. The difference between what we expect to occur or would like to occur, and what does occur.

The definition of risk in ISO 9000:2015 and ISO 31000 include the phrase “ effect of uncertainty”. Let’s remove some of the uncertainty around the term uncertainty in the context of risk and risk management. [Read more…]

by Greg Hutchins 2 Comments

Basics: Project Risk Management

Guest Post by Rod Farrar (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

The project management body of knowledge generally focuses on scope management, time management, and cost management. Risk management generally comes in at about 8th place out of the ten.

However, risk management is potentially the biggest part of the project management planning process.

Often organizations assign resources, dollars and time to project objectives to know exactly when the project is going to finish, how much it is going to cost and what resources are needed.

The problem with doing this is they have not identified risks. [Read more…]