A Standard Too Far ? Do You Need to Implement ISO 31000 ?

Sep 11, 2013 | general, ISO 31000

One view of the ISO 9001 Quality Management Standard, is that it’s all about minimising the risk of your customers receiving poor products or services.

And broadly, all the other standards are about management system standards..

So, logically, the various bodies responsible for such things eventually got together and published ISO 31000, Risk Management Principles and Guidelines., a single risk assessment process.

And does this means we won’t need ISO 9001, ISO14001,OHSAS 18001 etc, we can all just implement ISO 31000 and not bother about all these individual systems?

Well maybe…

However, in my opinion the basic concept is unlikely to be understood by its main audience. And trying to suggest to industry at large that for the last thirty years they’ve gone awry, when they were primarily driven kicking and screaming in this direction by the standards writers in the first place, is unlikely to win ISO many friends.

But maybe we’ll get there one day. The idea is inherently sensible, but in the meantime I can see a number of problems in realising this Utopian dream:-

1) Vested interests – most large certification bodies sit on the various standards committees and can therefore influence standards greatly. Voting this change into place would greatly reduce the revenues generated by certification, in many cases reducing the three or four individual approvals for ISO 9001/14001/OHSAS 18001 into a single approval. This would mean a single, or at least shorter ISO 31000 visit, and could therefore reduce their turnover by 75%. Turkeys voting for Christmas, in revenue terms

2) Costs of Training –To bring this about the certification bodies would need to train their auditors in ISO 31000. This would be an additional overhead (to cover the training) which would then specifically target and reduce their turnover. So what motivates them to provide it ? “Let’s train all our folks so that they can bring in less revenue via fewer products.” Really?

3) Customer Awareness – Most companies invest in certification to a standard because a customer has requested/insisted on its adoption. How long will it take for those customers and specifying authorities to learn that ISO 31000 covers several of these standards and therefore stop insisting on the existing standards in tenders and purchasing documents?

So, ISO 31000 may be a brilliant and ground breaking document. It may represent the latest, world’s most advanced “management systems” thinking. But personally I can’t see it becoming a standard used by normal companies for many years, if ever.

Academically laudable, but commercially unfeasible. And I speak from some twenty years experience in making standards work in the real world, balancing ideal practice against business practicality.

On reflection, the average Managing Director of a UK SME will no more understand this standard than he did the original BS5750

And with no motivation to implement the standard, and businesses already struggling under the weight of government driven legislation and bureaucracy, I fear this standard will remain just another academic study, sadly ISO31000 is a standard too far.

Written by Colin Brown of ISO Consultants


Article Categories

Share This