ISO’s Knight affirms opposition to “tick and flick” certification of standards

Mr. Knight spoke to Commercial Risk Europe about the matter as debate grows in Europe over the merits of certification for risk managers and whether the ‘ISO31000:2009 Risk Management – Principles and guidelines’ should be used for this purpose. “It has always been our collective view that an organisation must manage risk effectively rather than concentrating on a documentation process against which it can be certified. It is this tick and flick emphasis that resulted in so many organisations failing to manage the risks of the global financial crisis whereas those who concentrated on actually managing their risks survived and in many cases prospered,” he said. The ISO 31000 has not been written in a manner that enables certification, explained Mr. Knight. Instead it is intended to provide principles and generic guidelines on risk management and a reference tool to help develop a common culture amongst all companies in all countries.hide“The very diversity of risk and the methods for managing it makes the production of a Certification Standard incredibly difficult, if not impossible at the international level and very difficult at the national or even industry level,” Mr. Knight said. However FERMA has said that it is considering the merits of certification for risk managers and their practices. “At FERMA we are thinking about a certification for the risk managers, as there is for auditors. We are just thinking about some form of certification recognition. It is now a real profession and we need to have real professionals in all the different companies. So it could be a good idea to go down the certification route and it is something we are looking into,” said Michael Dennery, Director of Risk Management at GDF Suez and board member of FERMA. This discussion at FERMA is in its early stages and the degree and manner of certification is still open for debate, experts said. Judging by discussions at the recent Les Rencontres AMRAE in Deauville, Normandy, and the growing debate amongst risk managers in Europe the pro-certification lobby appears to be growing. “It seems there are a few more people than we thought that are looking for it to be certifiable. We thought that AMRAE was totally against this but clearly some members of AMRAE are wondering and the debate is still open,” explained Jean-Paul Louisot, Academic Director at the CARM Institute in France, and a member of the committee that developed the ISO31000. But, he warned that certification for the risk management process is not practical and could hinder risk management. “I say be careful, because if you stress too much certification then you can end up with another compliance and you kill risk management as the vivid and forward-thinking discipline that it should be,” he explained. Paul Hopkin, Technical Director at AIRMIC, asked why certification would prevent forward-thinking. “All of these arguments that it would stifle risk management are not compelling. One part of certification is to certify that you have a very robust risk identification processes – so why is that going to stop you doing something that you can do if you are not certified?” said Mr. Hopkin. Mr. Hopkin argues that producing a certifiable standard is “the next logical step” and believes it would in all probability produce a better standard. “There is an extra discipline that comes to the committee when you are producing a certifiable standard. You make sure it is that much more robust and comprehensive,” he said.

ISO’s Knight affirms opposition to “tick and flick” certification of standards

Want to read this article?

Read Next

Heathrow Airport closure sparks probe amid contingency questions

Deregulation concerns amid EC’s chemical industry talks

Cybersecurity agency reports 15% more attacks in France last year

AI to fuel rise in cyberattacks on SMEs, warns CyberCube

Meta berates Europe’s regulators for delayed rollout of Meta AI

Heathrow Airport closure sparks probe amid contingency questions

Deregulation concerns amid EC’s chemical industry talks

Cybersecurity agency reports 15% more attacks in France last year

AI to fuel rise in cyberattacks on SMEs, warns CyberCube

Meta berates Europe’s regulators for delayed rollout of Meta AI

Keep yourself informed

Sign up for Commercial Risk’s newsletters

Want to read this article?

Read Next

Heathrow Airport closure sparks probe amid contingency questions

Deregulation concerns amid EC’s chemical industry talks

Cybersecurity agency reports 15% more attacks in France last year

AI to fuel rise in cyberattacks on SMEs, warns CyberCube

Meta berates Europe’s regulators for delayed rollout of Meta AI

Related Articles

Keep yourself informed

Sign up for Commercial Risk’s newsletters