THE USE OF THE RISK MANAGEMENT STANDARD ISO 31000 IN FINNISH ORGANIZATIONS
LIUKSIALA, ALEKSI (2013)
LIUKSIALA, ALEKSI
2013
Vakuutustiede - Insurance
Johtamiskorkeakoulu - School of Management
This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Hyväksymispäivämäärä
2013-02-08
Julkaisun pysyvä osoite on
https://urn.fi/urn:nbn:fi:uta-1-23262
https://urn.fi/urn:nbn:fi:uta-1-23262
Tiivistelmä
The requirements for effective risk management have grown during the recent years. The first decade of the current millennium has seen a number of economic crises, beginning from the collapse of Enron in 2001 to the latest capital market crisis in 2008, which have been drivers for increased corporate governance. The globally interconnected economy calls for heightened awareness of the uncertainty factors related to the operational environment. As a response to these emerging needs, a substantial growth and development has been seen in the risk management industry. However, the diversity of different actors in the field of risk management has been a source for much confusion and ambiguity with regard to mutual RM practices and the use of terminology. The attempts to harmonize risk management practices have been actualized in a number of risk management standards, latest of which is ISO 31000. The new risk management standard is anticipated to achieve the position as a global benchmark for risk management practices.
This study attempts to examine the use of the risk management standard ISO 31000 in Finnish organizations. The main emphasis is in measuring the performance of risk management against the requirements of the standard. To address this issue, a survey was conducted to Finnish risk management professionals representing enterprises and public sector organizations. In addition to investigating the current use of ISO 31000, the survey investigated the risk management maturity with 37 Likert scale questions based on the contents of the standard.
The risk management maturity on average was found to be neither high nor low, thus implying, that the Finnish organizations are lacking behind the requirements of the standard. The results substantiate the intuitive presumption that the large enterprises are more mature in their risk management than the small- and medium-sized companies. The most problematic area were the risk management performance measurement and the quality of communications with employees and external stakeholders.
Asiasanat: Risk management, ISO 31000, Enterprise Risk Management, ERM
This study attempts to examine the use of the risk management standard ISO 31000 in Finnish organizations. The main emphasis is in measuring the performance of risk management against the requirements of the standard. To address this issue, a survey was conducted to Finnish risk management professionals representing enterprises and public sector organizations. In addition to investigating the current use of ISO 31000, the survey investigated the risk management maturity with 37 Likert scale questions based on the contents of the standard.
The risk management maturity on average was found to be neither high nor low, thus implying, that the Finnish organizations are lacking behind the requirements of the standard. The results substantiate the intuitive presumption that the large enterprises are more mature in their risk management than the small- and medium-sized companies. The most problematic area were the risk management performance measurement and the quality of communications with employees and external stakeholders.
Asiasanat: Risk management, ISO 31000, Enterprise Risk Management, ERM