Pass the GAQM GAQM: ISO ISO-31000-CLA Questions and answers with CertsForce

Risk management can be used in varied and complex settings2. Risk management can help organizations deal with uncertainty and complexity in any type of activity, industry, or sector.

Treatment plan provides a roadmap on how the treatment options will be deployed3. Treatment plan helps to define the objectives, scope, responsibilities, resources, timeframe, and monitoring mechanisms for implementing risk treatment actions.

A primary benefit of a commercial customer self-insuring a risk is that its short-term cash-flow position is likely to improve. This is because self-insurance reduces or eliminates insurance premiums and administrative costs associated with external insurers.

The ISO 31000:2018 process can be used to identify stakeholder risk requirements, needs, and expectations4. This is part of establishing the context for risk management, which involves defining the scope, objectives, criteria, roles and responsibilities for risk management.

Level of risk is described in terms of consequence and likelihood. Consequence means the outcome or impact of a risk event on objectives. Likelihood means how probable it is that a risk event will occur.

According to 1, page 9, pure risk is “a situation where there are only two possible outcomes: loss or no loss”. Buying lottery tickets and selling a house are examples of speculative risk, where there is a possibility of gain or loss. Going horse riding without a helmet is an example of pure risk, where there is only a possibility of loss (injury) or no loss.

Risk management is tailored4. Tailored means that risk management takes into account the specific needs, objectives, and characteristics of each organization and its context.

 Risk management is a process with inputs, activities, and outcomes1. The inputs are the organization’s context and risk criteria. The activities are risk identification, analysis, evaluation, and treatment. The outcomes are improved decision making, performance, and resilience.

ISO 31000:2018 consists of risk management principles, framework, and process that have been adopted as a national risk management standard by more than 60 countries23. It provides guidelines on managing any type of risk faced by organizations.

According to ISO31000 (2018), clause 1., it is “not intended for certification purposes”. It provides guidance on how organizations can manage their risks effectively using a systematic approach based on principles, framework and process 3.