| Summary: | 碩士 === 銘傳大學 === 風險管理與保險學系碩士在職專班 === 101 === This research tried to compare the contents of latest international risk management standards of ISO 31000:2009 with other international standard management system which has been implemented by the current enterprise, and preliminary help company involve risk management and meet the ever-increasing risk of species and environmental change around the globe to let enterprise continual survive with the smallest changes .
This study use a similar management system(OHSAS 18001) to be a comparative target since this system includes the function of risk assessment and management treatment. Moreover OHSAS18001 has the most employees and stakeholders participate related activities in the organization. As distinct viewpoints between the ISO 31000 and OHSAS 18001, this research selected an enterprise which has already implemented the system of OHSAS 18001, and checked the implemented situations of matching ISO31000, and supplied useful information to upgrade risk management for an enterprise.
Results sowed that the enterprises only needs to add the following works to the existing management system to let it upgrade the act of risk management.
1. The management cycle enterprise organization''s specific risk (planning, implementation, monitoring and review mechanisms) should be cut into two phases clearly, including cycles of the risk management process and risk management framework management .
2. The model of report for risk management performance should be specifically planned.
3. The organization should properly plan and use the collection of information channels of risk management framework, including the way to transfer this information into knowledge management database.
4. Organizations should clearly formulate risk management process, for the communication and consultation with external and internal stakeholders, and stakeholders'' perception should be identified and recorded.
5. Organizations should clearly document and consider the external and internal environmental that affect the achievement of the goals.
6. The risk treatment plan after risk assessment should be more detail including the reason to choice, expected benefits, report and requirement of monitor, authorized personnel for approve and implement, requirement of resource for activity,arrangement of time and schedule, etc..
7. Activities of monitoring and reviews for risk management should be detail described into a plan, related responsibilities for monitoring and reviews should be clearly defined
|
|---|
