topics of the conference

The 6th international Conference on the ISO 31000 Risk Management Standard in Dubai on 24-25 September 2017, follows the successful annual conferences in Paris 2012, Toronto 2013, New York 2014, Cape Town 2015 and Dubai 2016.

24th September 2017

Day 1 - Sunday

Officials' introducing the conference


25 years experience in risk management standards

In the last 40 years, Kevin has been instrumental in the development of widening risk management standardization across countries.

Kevin will review his contributions in the last 25 years, from the successive revisions of the Australian/New-Zealand Standard AS/NZS4360, the broad acceptance of AS/NZS4360 leading to the first international standard published on risk management – ISO 31000 (guidance standard) and the ISO Guide 73 (vocabulary).

He will present the challenges for more risk management standardization across industries, sectors and his vision for the future of risk management.


Exceptional prominent speakers invited this year.

Why the G31000 Risk Maturity Model is unique ?

In the recent book from Domenic Antonucci reviewing more than 80 risk management maturity models, the only risk maturity model based on ISO31000:2009 principles will be presented.

G31000 Risk management maturity model is a modern tool designed to help risk practitioners to implement risk management into organizational processes and the overall culture of the organization. This is a tool that will provide great value to internal auditors, risk managers and business functions alike. The risk maturity model is based on ISO31000:2009 principles and is suitable for any type of organization as well as any industry.


The new ISO 45001 Occupational Health and Safety

A new International Standard for Occupational Health and Safety Management Systems is currently under development to replace BS OHSAS 18001. It will help your organization provide a safe and healthy workplace for your workers and other people, prevent deaths, work-related injury and ill-health as well as continually improve OH&S performance.

We would like to update our clients on the development of ISO 45001, a new standard consolidating the best practice knowledge on Occupational Health & Safety (OH&S) which is expected to replace BS OHSAS 18001.


Extending Information security through standards

This session provides practical guidance, benchmarks and other effective tools for all enterprises that use information systems.

Through its comprehensive knowledge and experience, the speaker presents key concepts such as Security Architecture, Developing Awareness trainings, Information Security Program Development and Management, Vulnerability management and Incident management applied in the banking sector.

ISACA defines the roles of information systems governance, security, audit and assurance professionals worldwide.


Exceptional prominent speakers invited this year.


Exceptional prominent speakers invited this year.

Current status of the revision of ISO 31000

The current international risk management standard – ISO 31000:2009, Risk management – Principles and guidelines, is currently under revision.

The session will present the new aspects to be expected in the next version, in a form of a panel discussion where the audience can ask questions to our panel of experts, members of the ISO/TC 262 committee.


Exceptional prominent speakers invited this year.

25th September 2017

Day 2 - Monday

Making the link between risk and performance

ERM has been guided by various frameworks and standards but has fallen short in many deployment attempts.

While every approach has legitimacy since ERM should be customized to the needs of your organization, the ISO 31000 approach provides the flexibility and emphases to improve the users chance of success.

The session will present how ISO 31000 makes the link between risk, objectives, decision-making, uncertainty and best allocations of resource towards optimal performance.


How to go beyond GRC and compliance

There is no doubt that Compliance is a must, but whether going beyond compliance makes any business sense is a diffident matter. Statistics suggest that the financial cost of compliance itself is huge which may lead to a minimal compliance rather than taking extra steps beyond. Contrary, the concept “Beyond Compliance” has recently become very common. We are going to discuss the necessity of going “beyond compliance” from a legal and risk perspective, and will shed light on the link between “Risk”, “Compliance” and “Regulatory Flow” that most of organisations and institutions perhaps fail to appreciate.


Current status of the revision of COSO ERM

PwC authored the 2004 COSO ERM Framework has been engaged in 2014 by the Board of the Committee of Sponsoring Organizations of the Treadway Commission (COSO) to update the Framework to make it more applicable for today’s environment. COSO Advisory Council.

Following the presentation made by Carmen Le Grange, PwC Partner & Leader for Business Resilience: Africa, at the 4th International ISO 31000 conference in Cape Town, South Africa, a key person from the PwC Global Risk Project Team has been invited this year to present the current draft of the COSO ERM Framework revision. We will learn during this session if PwC has succeeded to align the COSO ERM revision with advanced thinking in risk management and specifically with the international ISO 31000 risk management standard.


Exceptional prominent speakers invited this year.

Link between risk and project management

Project risk management is an important aspect of project management. According to the Project Management Institute’s PMBOK, Risk management is one of the ten knowledge areas in which a project manager must be competent.

Project risk is defined by PMI as, “an uncertain event or condition that, if it occurs, has a positive or negative effect on a project’s objectives.

The session will demonstrate that risk management (proposed in ISO 31000) and project management (as presented by PMI) are perfectly aligned in terms of thinking.


Successful ERM implementation

The session will provide an overview of the increasing importance of ERM within the insurance and financial sector. With an overview of the evolution of ERM with practical examples including how major catastrophic events, ERM has shaped the world today. Latest tools and techniques and how they have adapted to the new requirements including maturity models will be explained, especially with practical real-life examples and associated main challenges facing risk managers in implementation of ERM in the insurance sector. The case study of how the ISO 31000 standard has helped to embed ERM in AL Koot insurance company will be presented.


Exceptional prominent speakers invited this year.

How to integrate different management systems?

The tendency of increased compatibility between ISO Standards has paved the road to integration (or rather merging) management systems. How to achieve a success integration?

An Integrated Management System can be defined as: “A management system that integrates all of an organisation’s systems and processes into one complete framework, enabling an organisation to work as a single unit with unified objectives.”

The session will explain how to change the emphasis of integration from ‘System’ to ‘Management’.


How to build an effective risk culture ?

The Risk Culture Building is one of the most talked about concepts in the business world nowadays.

Many companies are spending a lot of time and money on formulating and implementing a correct risk management strategy, yet failing to build a consistent risk culture will jeopardize any project.

Today, it is absolutely imperative for any organization to develop an organizational culture that can embrace risk culture management, but how?

Covering aspects such as organizational culture, risk awareness by employees, common language, human behaviors, knowledge, beliefs, values and personal objectives of individuals, the session will be managed by an internationally- recognized experts in this subject.


Exceptional prominent speakers invited this year.

About the link between risk & Resilience

Security, resilience, business continuity, emergency planning and disaster planning are all subject management by the international Technical Committee ISO/TC 292 Security and resilience.

Given their active and quickly predominance in risk management, how can you relate these topics with the content of the ISO 31000 risk management standard. A prominent expert will explain.


Innovative thinking in safety management models

With reference to the risk management standard, the current status of advanced innovation in safety management and research accomplished at the TU Delf, a recognized university in the Netherlands, the session will focus human factors, organizational thinking and management play an important role in safety hazards.


Going beyond regulatory requirement

Today, banks are mandated to meet many different regulations including but not limited to Anti Money Laundering requirements, Sarbanes Oxley, Dodd Frank Wall St Reform Act, International Accounting Standards and Basel II / Basel III banking accord. This session will look at how ISO 31000 can assist in bringing these various regulatory initiatives together and not only be harmonious with Basel II, III but improve its operations.


Exceptional prominent speakers invited this year.

Internal Audit and Assurance in effective Management

Can internal auditors, external auditors and credit rating agencies really provide assurance on the effectiveness of risk management? What are the techniques to use and potential pitfalls when integrating risk management and internal control in alignment with ISO 31000? This session will focus on how to apply a comprehensive approach covering all ISO 31000 clauses using a maturity approach to assess sustainability


Current status and future of
ISO 31000, worldwide

The international ISO 31000 risk management standard has now been adopted by 63 countries as national risk management standard and translated in 23 languages.

This panel discussion is intended to share experiences about how to raise awareness to encourage public and private organisation to adopt ISO 31000 as their reference in the management of risk. Starting with the 20 years long experience of Australia, the session will continue with experience from Europe, America, Asia and Africa.



Companies We Trained