Management Process
Osama Mohammed
Quality & Safety Officer
• Osama Mohammed, Quality and Safety Officer at Altameer
systems solutions
• I started working there after my graduation, and in my current
position I’m responsible for implementing ISO standards and
improving performance. I am also responsible for the safety of
the employees on the site.
• I graduated from the technical college of Management in Quality
management techniques. I graduated with the second-highest
result in my college.
• I have many certificates in risk management from Udemy and
Coursera.
Risk management standards
• ISO 31000: An international standard issued by the International Organization
for Standardization (ISO) that provides principles, framework, and process
guidelines for risk management. ISO 31000 is applicable to all types of
risks and helps organizations establish a risk management system that
aligns with their objectives and context.
• IEC 31010: This standard, part of the IEC 31000 series, focuses on risk
assessment techniques and provides guidance on selecting and applying
various methods to assess risks.
• COSO Enterprise Risk Management (ERM) Framework: Developed by
the Committee of Sponsoring Organizations of the Treadway Commission
(COSO), this framework offers a comprehensive approach to enterprise
risk management. It emphasizes integrating risk management into an
organization's strategic planning and decision-making processes.
ISO 31000
• ISO 31000 is an international standard developed by the International Organization
for Standardization (ISO) that provides guidelines and principles for risk
management.
• It was first published in 2009 and was revised in 2018 to ensure its
continued relevance and effectiveness. The standard is designed to help
organizations of all types and sizes establish a systematic and structured
approach to managing risks.
• Key points about ISO 31000 include:
1. Purpose: ISO 31000 aims to assist organizations in effectively identifying,
assessing, and managing risks that could impact their ability to achieve
objectives and succeed in their missions.
2. Scope: The standard is applicable to all types of risks, whether they are related
to financial, operational, strategic, or other aspects of an organization.
3. Framework: The standard provides a flexible framework for
risk management, allowing organizations to tailor their approach
to suit their specific context, objectives, and risk appetite.
4. Benefits: By adopting ISO 31000, organizations can enhance
their ability to identify opportunities and threats, improve
decision-making, optimize the allocation of resources, and
strengthen their resilience in the face of uncertainties.
Terms and definitions
Note 1: An effect is a deviation from the expected. It can be positive, negative or both, and
can address, create or result in opportunities and threats.
Note 2: Objectives can have different aspects and categories, and can be applied at
different levels.
Risk management: Coordinated activities to direct and control an organization with regard
to risk
Risk Types
• Operational Risk: This type of risk is associated with the internal processes,
systems, and procedures within an organization. It includes risks related to
human errors, technology failures, supply chain disruptions, fraud, legal and
compliance issues, and any other risks that may arise from day-to-day
operational activities.
• Strategic Risk: Strategic risks are those risks that arise from the strategic
decisions and choices made by the organization. These risks are related to the
organization's long-term goals, objectives, and business direction. Examples
include market shifts, changes in consumer behavior, new competitors, mergers
and acquisitions, and changes in government regulations.
• Financial Risk: Financial risks are related to the organization's
financial structure and performance. This includes risks
associated with credit, liquidity, market fluctuations, interest
rates, exchange rates, and investment decisions. Financial risks
can have a significant impact on the organization's profitability
and stability.
Monitoring and review should take place in all stages of the process. Monitoring and review
include:
• Planning, gathering, and analyzing information, recording results, and providing feedback.
• The results of monitoring and review should be incorporated throughout the organization’s
performance management, measurement, and reporting activities.
Recording and reporting
The risk management process and its outcomes should be
documented and reported through appropriate mechanisms.
Recording and reporting aim to:
• Communicate risk management activities and outcomes across
the organization;
• Provide information for decision-making;
• Improve risk management activities;
• Assist interaction with stakeholders, including those with
responsibility and accountability for risk management activities.
Risk Matrix
SWOT Analysis
Fishbone
Risk Register
Thank you for listening
https://www.linkedin.com/in/osama-tqm/
https://www.instagram.com/osama_tqm3/