Comparing ISO 31000 (2009) with the draft ISO 31000 (2017) – Part 1

Part 1 –  THE INTRODUCTION

An eye-catching feature

Recently the draft version of the first revision of the ISO 31000 standard has become available for purchase and review. (https://www.iso.org/obp/ui/#iso:std:iso:31000:dis:ed-2:v1:en) and a first rather drastic change is immediately visible in the introduction of the standard, as it really catches the eye. In this first article comparing the ISO 31000 (2009) standard with the draft ISO 31000 (2017) version, I will comment on the changes in the introduction part of this standard.

The graphic (Figure 1 – Relationships between the risk management principles, framework and process) that summarize the standard’s components, has changed considerably and I don’t know yet if this is an improvement or not.

The old picture

Figure 1 – ISO 31000 (2009)

I have always regarded the picture (above) of the ISO 31000 principles, framework and process on one page a highlight and strength of the ISO 31000 (2009) standard. With only a minimum explanation, this image was sufficient to get to know and understand the standard and how risk management is to be structured from the strategic tot the execution levels and how it could be implemented and used in any organisation, whatever the size, sector or industry.

The new picture

Now, at a first glance, I’m afraid that clarity, at least to me, is somewhat lost. Judge for yourself and tell me what you see in the figure below compared to the figure above.

Figure 1 – ISO 31000 (draft 2017)

Furthermore, when reading the introduction, it is immediately clear that a lot of text has disappeared. Now, in the draft version, the introduction only covers half a page of short statements, instead of two pages of more elaborated sentences in the current standard. As such, the direction of the change is immediately noticeable in these opening sentences, giving some remarkable differences for the respective introductions.

The opening statement

For example you could look at the opening sentence of the standard:

“Organizations of all types and sizes face internal and external factors and influences that make it uncertain whether and when they will achieve their objectives.” (2017 Draft version)

Compared to

“Organizations of all types and sizes face internal and external factors and influences that make it uncertain whether and when they will achieve their objectives. The effect this uncertainty has on an organisation’s objectives is risk.” (2009 version)

I think the new version of the opening sentence of the revised introduction is a less powerful statement and tells less about risk than in the current version. Although, it indicates the direction the new version of the standard takes, trying to be more with less. But I’m not yet convinced of the result.

Less is more for ISO 31000

Indeed, critics can say that risk (e.g. in the sentence “the effect this uncertainty has on an organisation’s objectives is risk”) is much more, and surely they are right. So leaving this inadequate sentence out is certainly an option to overcome this flaw. But I would have liked a more encompassing, and maybe more powerful, sentence. For instance:

“Individuals, organizations of all types and sizes, and society as a whole, face internal and external factors and influences that make it uncertain whether and when they will achieve and/or safeguard their objectives. The effect this uncertainty has on individual, organisational and societal objectives is what we call risk.” (Peter Blokland version)

So, maybe less is more, but where is the limit? Some matters still need to remain clear, but this is just my take on this. So, how would you have liked the opening sentence to be?

To be continued …

Please comment!

Interested in ISO 31000?

  • Do you want to know more about ISO 31000 and its revision?
  • Are you looking for certification for this standard?
  • Do you want learn how to integrate risk management at all levels of your organisation and all of its operations?

Join us for one of our certification courses in Brussels or Frankfurt or contact us for an in-house training!

Follow me

Peter BLOKLAND

General Manager at BYAZ
Peter Blokland is the author of 'Total Respect Management' (Lannoo Campus, 2013) and 'Safety and Performance' (NOVA, 2017). In a former life he was a Belgian Air Force pilot, Staff Officer and aircraft accident investigator, finishing his military career at NATO’s Allied Command Operations at SHAPE (BE). In 2008 he became an organizational and business coach, helping organisations, companies and teams to improve and excel.
Since September 2014, Peter is also employed at TUDelft, working as a PhD researcher for the Safety Sciences section of the Technology Policy and Management faculty.
As the managing director of G31000 Europe he is now a trainer and consultant using the ISO 31000 Risk Management Standard.
Some of his articles can be read on LinkedIn
Follow me