MANAGING BEST PRACTICES: Risk management for your career

The buzz is building over the International Organization for Standardization (ISO) 31000 Risk Management — Principles and Guidelines on Implementation. After years of hashing things over, the final standard is expected soon (the ISO website shows a release date of June 30, 2009). You can find a link to ISO 31000 draft at

The reason a lot of people are excited about ISO 31000 is that it brings together a global consensus on risk management condensed into about 20 pages of information. All forms of risks such as financial, security, safety, health, and environment are included. “Not pursuing an opportunity” is also a risk. According to the standard, risk is not always negative, but simply viewed as the “effect of uncertainty on achievement of objectives.”

Figure 1 – ISO 31000 Risk Management Process

Risk management process

The ISO 31000 risk management process is summarized in Figure 1 (above). The process should be familiar to EHS pros. For example, the definition of industrial hygiene from the American Industrial Hygiene Association (AIHA) includes “anticipation, recognition, evaluation and control” of environmental hazards that may impact workers. Although the words used by AIHA and ISO may differ, their meaning remains much the same. For example, “treatment” according to ISO is similar to AIHA’s “control”; although ISO is more inclusive and would include sharing risk with another party, i.e. insurance.

Who will use ISO 31000?

Typically, as most ISO standards go, advanced organizations will be the first to apply the information. It’s the concept of applying risk management to an individual that should peak your interest. Your career and job contain risks that should be managed. ISO 31000 may help you to focus on managing individual risks.

Will it work?

Back in the early 1990s the corporation I worked for embarked on massive organizational change. “How do we become the best” was the CEO’s vision. Task forces were developed to propose and implement actions to achieve the vision. Successes followed. The corporation received IndustryWeek’s “100 Best Managed Companies” in the world award in 1997 and 1998.

I served on a task force that looked at how the corporation should manage risks. We applied many of the strategies now found in ISO 31000. This led to my traditional role of an industrial hygienist being changed to a role of considering all risks, such as risks to reputation, to the corporation. I worked out of the newly established “Risk Identification and Prevention” section of the corporation’s legal department.

Here’s what I learned from this experience: It was in my own best interest to consider individual risks to my job. I developed a career plan filled with “what if” considerations and treatments, i.e. control. An acquisition by another company indeed put my job at risk. But I was prepared for the effect of uncertainty on achieving my objectives.


ISO 31000 states that risk management should contain the following principles: a) create value; b) integral part of the organizational process; c) part of decision-making; d) explicitly address uncertainty; e) systematic, structured and timely; f) based on the best available information; g) tailored; h) takes human and cultural factors into account; i) transparent and inclusive; j) dynamic, iterative and responsive to change; and, k) facilitates continual improvement and enhancement of the organization. All these principles can be applied to you and your career planning.


The framework for managing risk under ISO 31000 is simple. Once commitment is established there is a loop of actions that include: 1) design the framework, 2) implement risk management, 3) monitor and review the framework, and 4) continual improvement of the framework.

Will you use ISO 31000?

You have individual professional objectives. Uncertainties that may affect these objectives are your risks. These uncertainties, however, may be positive. Remember, “Not pursuing an opportunity” is a risk identified in ISO 31000. Are there individual opportunities that you have not identified, analyzed, and evaluated?

While your employer may be slow to apply the principles and guidelines necessary to implement risk management in accordance with ISO 31000, this does not mean that you can’t apply the information to help meet individual objectives. If you read ISO 31000 with this in mind, it becomes easier to understand its application and value. And the better you understand the standard, the easier it will be to help your employer commit to a global consensus on risk management that may help them achieve EHS objectives.

Did you enjoy this article? Click here to subscribe to ISHN.

Recent Articles by Dan Markiewicz, MS, CIH, CSP, CHMM

You must login or register in order to post a comment.



Image Galleries

Scenes from the World of Safety

Sights, signs & symbols from the National Safety Congress & Expo held in San Diego, CA, September 15-18

4/14/15 2:00 pm EDT

RISK-BASED SAFETY MANAGEMENT SYSTEM: Key Components for Applying Risk Tools to EHS Efforts

Join us for this webinar as we discuss how you can make effective use of risk analysis and risk management technology to guide efforts within your organization. We will distinguish between risk analysis and risk management; and identify some of the software tools that will help proactively identify, document, mitigate, and prevent high-risk events. You will learn how to improve compliance, reduce risk, and cut costs in your organization using these automated tools.

ISHN Magazine


2015 April

Check out ISHN's April issue, which features content about lockout-tagout, heat stress, hearing protection and more!

Table Of Contents Subscribe


M:\General Shared\__AEC Store Katie Z\AEC Store\Images\ISHN\safetyfourth.jpg
Safety Engineering, 4th Edition

A practical, solutions-driven reference, Safety Engineering, 4th edition, has been completely revised and updated to reflect many of today’s issues in safety.

More Products

For Distributors Only - January 2015



For Distributors Only is ISHN's niche brand standard-sized magazine supplement aimed at an audience of 2,000 U.S. distributors that sell safety products. Circulation only goes to distributors. 



Facebook logo Twitter YouTubeLinkedIn Google + icon

ishn infographics

2012 US workplace deathsCheck out ISHN's new Infographic page! Learn more about worker safety through these interactive images. CLICK HERE to view the page.