Benchmarking ISO Risk Management Systems to Assess Efficacy and Help Identify Hidden Organizational Risk

Svana Helen Björnsdottir*, Pall Jensson, Saemundur E. Thorsteinsson, Ioannis M. Dokas, Robert J. de Boer

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

Abstract

The overall aim of this article is to contribute to the further development of the area of benchmarking in risk management. The article introduces a two-step benchmarking model to assess the efficacy of ISO risk management systems. It furthermore aims at verifying its usefulness in terms of finding hidden risk issues and improvement opportunities. The existence of all key elements of an ISO 31000-based risk management system is examined at the beginning of this study. Then, the quality in terms of efficacy of important aspects of the risk management system is examined in more detail with special benchmarks. The application of the model to six ISO-certified organizations follows and reinforces the novelty of this study, which is to combine risk science knowledge with benchmarking theory in the application of ISO risk management standards in organizations. The results show that the benchmarking model developed in this study provides rigor when assessing and evaluating the efficacy of an ISO risk management system. By applying the model, risk issues and risk factors can be found that had not previously been identified. The findings are of importance for risk management, the benchmarking science, and for the development of ISO risk management standards.

Original languageEnglish
Article number4937
JournalSustainability (Switzerland)
Volume14
Issue number9
DOIs
Publication statusPublished - 20 Apr 2022

Bibliographical note

Publisher Copyright:
© 2022 by the authors. Licensee MDPI, Basel, Switzerland.

Other keywords

  • benchmarking
  • ISO 31000
  • ISO risk management systems
  • risk management

Fingerprint

Dive into the research topics of 'Benchmarking ISO Risk Management Systems to Assess Efficacy and Help Identify Hidden Organizational Risk'. Together they form a unique fingerprint.

Cite this