ISO 31000

The ISO 31000 standard seeks to be an international standard that encompasses all risk management regulations and, in fact, Germany is the only large state that has not adopted it. Untreated risks can be a source of economic and legal problems, with the consequent damage to the company in the short and medium term.

In Spain, the document UNE-EN 31010: 2011 is applied, which is translated and gives more details about how to manage these situations.

The Spanish UNE-ISO 31000: 2018

In February the revision of the regulations was published, called UNE-ISO 31000: 2018, which seeks to improve text comprehension and prioritize preventive techniques. It should be noted that a practical guide for its application in companies and a text translated into Spanish are already being drafted. The update introduces the following new features regarding the previous one:

  1. Terminology simplification, in order to make it easier for professionals to understand and apply it, eliminating superfluous terms or those that lead to confusion. In addition, generic definitions are introduced to achieve this objective, so that professionals will have reference elements. This is probably one of the main changes.
  2. There is a greater role in the risk management and assessment to cultural and human factors, essential to assess the situation. Without taking into account the customs of a country or a religious group and human errors, it is difficult to have a global vision of the risks. It is not a matter of including idle information, but of having a sufficiently broad perspective to manage all the situations that are generated.
  3. Introducing the idea that the risk is not complex and that it must be assessed separately. The prevention policies have to start from the particular so that the general is not affected. In this way, preventive measures can be adopted that transfer, eliminate or mitigate it partially to the point that it is manageable. The objective is to minimize it as much as possible using systematic action protocols and with the necessary frequency.

Knowing and understanding all the risks that affect the business and anticipating them allows us to analyze, measure, prioritize them, as well as adopting the necessary measures to reduce the potential for losses.

Risk management allows to:

    • Create y protect value brought by your company.
    •  Streamline and strengthen the decision making process.
    • Prevent business interruption and increase its stability.
    • Safeguard reputation and corporate image.
    • Diminish possible legal responsibilities.
    • Clearly define the actual assurance needs.
    • Efficiently allocate your resources: human, material and financial assets.
    • Reduce liabilities.
    • Improve the organizational environment of the company.
    • Favor the company continuous improvement.