《ISO31000风险管理标准中文版-翻译-》由会员分享,可在线阅读,更多相关《ISO31000风险管理标准中文版-翻译-(60页珍藏版)》请在金锄头文库上搜索。
1、INTERNATIONAL STANDARD ISO/FDIS31000Risk management Principles and guidelinesForeword前言ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies(ISO member bodies). The work of preparing International Standards is normally carried out through ISO
2、 technical committees. Each member body interested in a subject for which a technical committee has been established has the right to be represented on that committee. International organizations, governmental andnot-governmental, in liaison with ISO, also take part in the work. ISO collaborates clo
3、sely with theInternational Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.国际标准化组织(ISO)是各国标准化团队(ISO成员团队)组成的世界性的联合汇。制定国际标准工作通常由ISO的技术委员会完毕。个成员团队若对某技术委员会拟定的项目感爱好,均由权参与该委员会的工作。与ISO保持联系的各国际组织(官方的或非官方的)也可参与有关工作。ISO与国际电工委员会(IEC)在电工技术标准化方面保持密切合作的关系。International Standar
4、ds are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.国际标准是根据ISO/IEC导则第2部分的规则起草的。The main task of technical committees is to prepare International Standards. Draft International Standards adopted by the technical committees are circulated to the member bodies for voting
5、. Publication as an International Standard requires approval by at least 75 % of the member bodies casting a vote.由技术委员会通过的国际标准草案提交各成员团队投票表决,需取得了至少3/4参与表决的成员团队的批准,国际标准草案才干作为国际标准证实发布。Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights.
6、ISO shall not be held responsible for identifying any or all such patent rights.本标准中的某些内容有也许涉及一些专利权问题,这一点应引起注意,ISO不负责辨认任何这样的专利权问题。ISO 31000 was prepared by the ISO Technical Management Board Working Group on risk management.ISO 31000由ISO技术管理委员会风险管理工作组编写。Introduction简介Organizations of all types and s
7、izes face internal and external factors and influences that make it uncertain whether and when they will achieve their objectives. The effect this uncertainty has on an organizations objectives is “risk”.所有类型和规模的组织都面临内部和外部因素的影响,使得它不能拟定是否及何时实现其目的。这种对一个组织的目的影响的不拟定性既是“风险”。All activities of an organizat
8、ion involve risk. Organizations manage risk by identifying it, analysing it and then evaluating whether the risk should be modified by risk treatment in order to satisfy their risk criteria.一个组织的所有活动都涉及风险。组织通过辨认、分析、评价风险以及解决风险,以满足他们的风险标准。Throughout this process, they communicate and consult with stak
9、eholders and monitor and review the risk and the controls that are modifying the risk in order to ensure that no further risk treatment is required. This International Standard describes this systematic and logical process in detail.在这个过程中,他们与利益相关者沟通协商,监测和审查风险控制,并不断的修正风险,以保证风险解决不再是必需的。本标准具体描述了这一系统的和
10、符合逻辑的过程。While all organizations manage risk to some degree, this International Standard establishes a number of principles that need to be satisfied to make risk management effective. This International Standard recommends that organizations develop, implement and continuously improve a framework wh
11、ose purpose is to integrate the process for managing risk into the organizations overall governance, strategy and planning,management, reporting processes, policies, values and culture.尽管所有的组织在某种限度上都在管理风险,本标准规定了一些原则,以使风险管理变得有效。本标准建议,组织制定,实行和不断完善的框架,其目的是将风险管理纳入到组织的治理,战略和规划,管理,报告程序,政策,价值观和文化等综合管理的整个过程
12、。Risk management can be applied to an entire organization, at its many areas and levels, at any time, as well as to specific functions, projects and activities.风险管理可以应用到整个组织,它的许多领域和层次,在任何时间,以及具体职能,项目和活动。Although the practice of risk management has been developed over time and within many sectors in
13、order to meet diverse needs, the adoption of consistent processes within a comprehensive framework can help to ensure that risk is managed effectively, efficiently and coherently across an organization. The generic approach described in this International Standard provides the principles and guideli
14、nes for managing any form of risk in a systematic, transparent and credible manner and within any scope and context.尽管在过去这段时间内的许多部门,以满足不同的需要的风险管理的做法是成熟的,但是通过采用一致性流程的综合框架有助于保证风险管理的有效性,并且有效和连贯整个组织。在本标准规定的一般性的原则和方针,目的在于在任何的环境和背景下,系统的、清楚的、可靠的方式管理风险。Each specific sector or application of risk management
15、brings with it individual needs, audiences, perceptions and criteria. Therefore, a key feature of this International Standard is the inclusion of “establishing the context” as an activity at the start of this generic risk management process. Establishing the context will capture the objectives of th
16、e organization, the environment in which it pursues those objectives, its stakeholders and the diversity of risk criteria all of which will help reveal and assess the nature and complexity of its risks.每一个具体部门或风险管理的应用都产生了独自的需要,受众,观念和标准。因此,这一国际标准的重要特点是将风险管理“环境建设”列入其管理过程的开始活动。环境建设方面将捕获该组织的目的,它所追求目的的环境,它的利益相关者和风险标准的多样性,所有这些都将帮助揭示和评估风险的性质和复杂性。The relationship between the principles for managing risk, the framework in which it occurs and t
