ISO offers new approach to counterparty risk

There’s a new standard for risk management in Canada, as the Canadian Standards Association (CSA Standards) has adopted ISO 31000 Risk Management — Principles and Guidelines.

The new ISO standard provides principles, framework and process for managing risk in a transparent, systematic and credible manner. It is the first global standard for risk management. Given the rapid development of globalization, it was high time for such a standard, according to Doug Morton, director, life sciences and business management, CSA Standards.

“These principles and guidelines in ISO 31000 Risk Management serve as an overarching guide for organizations and individuals to help incorporate internationally-recognized best practices for identifying and managing risks across financial, strategic, and operational areas,” he said.

“The Canadian adoption of the ISO 31000 Risk Management standard will enable Canadian organizations to compare their practices with an internationally-recognized benchmark, providing them with sound principles for effective risk management.”

CSA Standards define risk management as “the identification, assessment, and treatment of risks that may affect an organization, business or municipality, negatively, including those which can occur through accidents, disasters, natural causes, legal or financial liabilities or opportunities, or positively, such as new technologies, business ventures or continual improvement.”

While ISO 31000 is the first international standard, Morton points out some countries already had their own standards. In Canada, that standard was Q850, issued in 1997. That standard is now being rewritten as an explanatory document on how to implement and execute the new ISO 31000.

The new ISO will harmonize that patchwork of standards, making it easier for organizations to understand the risk management processes of foreign organizations.

In the financial services industry, this can streamline assessment of counterparties, providing transparency on a range of governance issues. This can also be of use in the investment process, as investors can feel assured that the company will be able to manage unexpected situations.

Morton says organizations are increasingly integrating their risk management processes with emergency management and business continuity planning, each of which have their own ISO.

CSA Standards will introduce training and education programs on ISO 31000 in March.

(02/12/10)