1              Overview

AS/NZS 4360 is an innovative risk management framework, which organisations of all sizes and nature can adopt.

The standard provides a method for the identification of risks:

- Establish the context

- Identify the events

- Analysis of the events

- Evaluation of risks

- Treatment of risks

Further, our program requires a number of management systems tools and disciplines that will support the risk processes, including:

- Management commitment

- Responsibilities and authorities

- Document control

- Planning

- Training and communications

2              In simple terms

Risk Management is a very widely discussed and published topic at present.

Many compliance programs and regulations are being designed around a risk management approach: i.e. identify the risks and the treat them.

This is an effective and efficient way to handle exposure to events, which would have significant business, client or community impacts.

Certification will assist firms prove and demonstrate that they have sound systems, are keeping them up to date and remain in continued compliance.

3              Specific program conditions

The program requires that the following management systems (based on ISO9001 requirements), supported by procedures be in place:

• Management commitment
• Responsibilities and authorities
• Document control
• Planning
• Training and communications

In addition, the risk management program, and certification needs to be focused and implemented within a stated and documented context. Certification cannot be awarded to all aspect of an organisation. Examples of context could be: IT systems, financial, commercial, people.

4              What documents/records are needed to understand this program

In order to understand our program, you should also access and be aware of the following documents:

·         G-00: Client Pack

·         MSP-00: Introduction to our management systems

·         MSP-01: Nomenclature and definitions

·         MSP-24 Appeals