What is Risk Based Thinking?
What exactly do we mean when we talk about Risk Based Thinking? The last revision of ISO 9001 (2015) introduced the concept of Risk Based Thinking. In this ISO standard, a company-wide approach to quality is promoted. This updated approach substitutes the concept of preventive action by ‘Managing Risks and Opportunities’. Actually, it is one of the key changes in this version of the standard. However, in order to develop Risk Based Thinking in your organisation, it is helpful to have a good understanding of the concept ‘Risk’ itself.
What is Risk?
The corporate world is still divided about the understanding of Risk. While some people still have an old and outdated understanding of Risk and Risk Management, others have broadened their view on these concepts. ISO has adopted the more modern view on Risk and Risk Management since the ISO 31000 standard was introduced. This ISO standard is destined to harmonise Risk Management in all the other ISO management standards.
In the video below I explain what this modern view on Risk and Risk Management entails.
A Modern View on Risk Management
Unfortunately, when people hold an old view on Risk Management, they only consider a part of the Risk Management process. Also, they mainly consider the negative side of Risk. They talk of the process of identifying Risks, analysing Risks and evaluating Risks. However, this process is only a part of the Risk Management process, namely the Risk assessment. It is the domain where experts use their knowledge (or field of expertise of traditional Risk managers) to determine the level of Risk(s) and where they develop and compare different options. As such, they provide information for the decision taking.
In my opinion, however, this has little to do with Risk Based Thinking. Risk Based Thinking is that part of the Risk Management process that surrounds the Risk assessment part. In the following video I explain briefly how I look at Risk Management.
How to Introduce Risk Based Thinking into your own Organisation?
The best way to introduce Risk Based Thinking into your organisation is by introducing and implementing the ISO 31000 standard. This internationally accepted Risk Management Standard will provide you with a vocabulary on Risk Management (ISO Guide 73), a set of guiding principles and values, a framework that allows Risk Management to be tailored to your organisation and a process that can be used throughout your entire organisation. It is applicable at all levels, from the strategic top, down to level of the execution of the daily activities and tasks. [see image]
What other people say
Elías Franquis who recently took the ISO 31000 Certification Course explains why Risk Management is fundamental in any organisational decision.
Want to know more?
ISO 31000 Risk Management Certification Course