Agenda of the conference

The 6th International Conference on the ISO 31000 Risk Management Standard, held in Dubai on 24-25 September 2017, follows the successful annual conferences in Paris 2012, Toronto 2013, New York 2014, Cape Town 2015 and Dubai 2016.

Day 1, Sunday 24 September, 2017


25 years' experience in risk management standards

In the last 40 years, Kevin has been instrumental in widening risk management standardization across countries. Kevin will review his contributions in the last 25 years, from the successive revisions of the Australian/New Zealand Standard AS/NZS4360 to the broad acceptance of AS/NZS4360 leading to the first international standard published on risk management – ISO 31000 (guidance standard) and the ISO Guide 73 (vocabulary). He will present the challenges for more risk management standardization across industries and sectors, and his vision for the future of risk management.


Making the link between risk and performance
ERM has been guided by various frameworks and standards but has fallen short in many deployment attempts. While every approach has legitimacy, since ERM should be customized to the needs of your organization, the ISO 31000 approach provides the flexibility and emphases to improve the user's chance of success. The session will present how ISO 31000 makes the link between risk, objectives, decision-making, uncertainty and the best allocation of resources towards optimal performance.

Risk Maturity Model

Why is the G31000 Risk Maturity Model unique?

In the recent book from Domenic Antonucci reviewing more than 80 risk management maturity models, the only risk maturity model based on ISO31000:2009 principles will be presented.

G31000 Risk management maturity model is a modern tool designed to help risk practitioners to implement risk management into organizational processes and the overall culture of the organization. This is a tool that will provide great value to internal auditors, risk managers and business functions alike. The risk maturity model is based on ISO31000:2009 principles and is suitable for any type of organization as well as any industry.


Risk Criteria

How to create your risk criteria in practice?

Some risk professionals consider that “Risk appetite is the hardest part of any ERM implementation”. Others prefer to write entire books on the subject. This session will explain, in a practical and easy-to-understand fashion, how to build your risk appetite and risk criteria in order to include risk management with the objectives of the organization, taking into account the internal and external context, sector, culture and objectives.


IT Security

Extending Information security through standards

This session provides practical guidance, benchmarks and other effective tools for all enterprises that use information systems. Drawing on comprehensive knowledge and experience, the speaker presents key concepts such as Security Architecture, Developing Awareness Trainings, Information Security Program Development and Management, Vulnerability Management and Incident Management as applied in the banking sector.

ISACA defines the roles of information systems governance, security, audit and assurance professionals worldwide.


ISO management systems

How to integrate different management systems?

The trend towards increased compatibility between ISO Standards has paved the road to integrating (or rather merging) management systems. How can a successful integration be achieved?

An Integrated Management System can be defined as: “A management system that integrates all of an organisation’s systems and processes into one complete framework, enabling an organisation to work as a single unit with unified objectives.”

The session will explain how to change the emphasis of integration from ‘System’ to ‘Management’.


Beyond Compliance

How to go beyond GRC and compliance

The work accomplished by DEWA using the SAP GRC 10.1 (Risk Management Module) to centralise the ERM function in the organization, including Corporate Risk Management, Business Units Risk Management, Supply Chain Risk Management, Business Continuity Management, IT risk assessments and Project Risk Management, has attracted our attention since it embeds the international ISO 31000 risk management standard.

We will learn how DEWA encourages proactive risk management in its pursuit of performance against objectives and thereby excellence in service delivery.


ISO 45000 OHS (Safety)

The new ISO 45001 Occupational Health and Safety

A new International Standard for Occupational Health and Safety Management Systems is currently under development to replace BS OHSAS 18001. It will help your organization provide a safe and healthy workplace for your workers and other people, prevent deaths, work-related injury and ill-health as well as continually improve OH&S performance.

We would like to update our clients on the development of ISO 45001, a new standard consolidating the best practice knowledge on Occupational Health & Safety (OH&S) which is expected to replace BS OHSAS 18001.


Revision of ISO 31000

Current status of the revision of ISO 31000

The current international risk management standard – ISO 31000:2009, Risk management – Principles and guidelines – is under revision.

The session will present the new aspects to be expected in the next version, in the form of a panel discussion where the audience can ask questions to our panel of experts, members of the ISO/TC 262 committee.


Project Management

Link between risk and project management

Project risk management is an important aspect of project management. According to the Project Management Institute’s PMBOK, risk management is one of the ten knowledge areas in which a project manager must be competent. Project risk is defined by PMI as “an uncertain event or condition that, if it occurs, has a positive or negative effect on a project’s objectives.”

The session will demonstrate that risk management (proposed in ISO 31000) and project management (as presented by PMI) are perfectly aligned in terms of thinking.


How to Implement ERM

Leverage your ERM based on ISO31000

ISO 31000 says: “The design and implementation of risk management plans and frameworks will need to take into account the varying needs of a specific organization, its particular objectives, context, structure, operations, processes, functions, projects, products, services, or assets and specific practices employed.” In this session, we will learn how large companies have achieved the implementation of ISO 31000. What are the major barriers to effective risk management in organizations today? How can Risk Maturity Models be developed and used for benchmarking?

A tradition by now is the G31000 Excellence Award Ceremony during the Gala Dinner. The Global Institute for Risk Management Standards, G31000, seeks to distinguish and acknowledge individuals and organizations who have demonstrated expertise and achievement with the international ISO 31000 risk management standard. Awards will be delivered to the best trainees, trainers and organizations in the private or public sector.

Day 2, Monday 24 September, 2017


Risk standardization in the insurance sector: case studies

The session will provide an overview of the increasing importance of ERM within the insurance and financial sector. With an overview of the evolution of ERM with practical examples including how major catastrophic events, ERM has shaped the world today. The latest tools and techniques, and how they have adapted to the new requirements, including maturity models, will be explained with practical real-life examples and the associated main challenges facing risk managers in the implementation of ERM in the insurance sector. A case study will show how the ISO 31000 standard has helped to embed risk management in all practices and processes.

Financial markets

Taking advantage of volatile financial markets

As volatility increases, the potential to make more money more quickly also increases. But as volatility increases, so does risk. To put it as simply as possible, when market volatility reaches a certain level, it is critical to adopt a coherent systematic approach, eventually adopting different tactics and keeping in mind the risk management process and a dynamic risk appetite.



Managing the Business Risk of Fraud

Effective governance processes are the foundation of fraud risk management. Lack of effective corporate governance seriously undermines any fraud risk management program. The organization’s overall tone at the top sets the standard regarding its tolerance of fraud. Relying on international best practices on fraud prevention provides assurance that the organization adequately manages fraud deterrence at all levels.


Risk culture

How to build an effective risk culture?

Risk culture building is one of the most talked-about concepts in the business world nowadays.

Many companies are spending a lot of time and money on formulating and implementing a correct risk management strategy, yet failing to build a consistent risk culture will jeopardize any project.

Today, it is absolutely imperative for any organization to develop an organizational culture that can embrace risk culture management, but how?

Covering aspects such as organizational culture, risk awareness by employees, common language, human behaviors, knowledge, beliefs, values and personal objectives of individuals, the session will be managed by an internationally recognized expert in this subject.


Continuity & Resilience

About the link between risk & Resilience

Security, resilience, business continuity, emergency planning and disaster planning are all subjects managed by the international Technical Committee ISO/TC 292 Security and resilience.

Given their rapidly growing prominence in risk management, how can you relate these topics to the content of the ISO 31000 risk management standard? A prominent expert will explain.


Safety management

Innovative thinking in safety management models

With reference to the risk management standard, the current status of advanced innovation in safety management and research accomplished at TU Delft, a recognized university in the Netherlands, the session will focus on how human factors, organizational thinking and management play an important role in safety hazards.


Finance and Banking

Going beyond regulatory requirement

Today, banks are mandated to meet many different regulations including but not limited to Anti Money Laundering requirements, Sarbanes Oxley, Dodd Frank Wall St Reform Act, International Accounting Standards and Basel II / Basel III banking accord. This session will look at how ISO 31000 can assist in bringing these various regulatory initiatives together and not only be harmonious with Basel II, III but improve its operations.


Internal Audit

Internal Audit & Assurance in effective Management

Can internal auditors, external auditors and credit rating agencies really provide assurance on the effectiveness of risk management? What are the techniques to use and potential pitfalls when integrating risk management and internal control in alignment with ISO 31000? This session will focus on how to apply a comprehensive approach covering all ISO 31000 clauses, using a maturity approach to assess sustainability.

ISO31000 Worldwide

Current status and future of ISO 31000, worldwide

The international ISO 31000 risk management standard has now been adopted by 63 countries as their national risk management standard and translated into 23 languages.

This panel discussion is intended to share experiences about how to raise awareness to encourage public and private organisations to adopt ISO 31000 as their reference in the management of risk. Starting with the 20 years of experience of Australia, the session will continue with experiences from Europe, America, Asia and Africa.


  • Alex Dali, President, Global Institute for Risk Management Standards – G31000

    Current status and future of ISO 31000, worldwide

    • Latest statistics on ISO 31000 – countries, sectors, companies
    • Development of the G31000 network and its representatives
    • Why G31000 needs to expand – new products & services
    • Priorities and objectives for future

  • Peter Blokland, Researcher & Trainer, TUDelft university

    Current status of ISO 31000 in Europe

  • Alexei Sidorenko, CEO, Risk Academy

    Current status of ISO 31000 in Russian-speaking countries

  • Ben Burger, Managing Director, Pro Presentation CC

    Current status of ISO 31000 in Southern Africa

  • Emmanuel Johannes, CEO, Kepler Associates and former President IIA Tanzania

    Current status of ISO 31000 in Eastern Africa

    • Increased membership in the LinkedIn discussion across East Africa
    • Three ISO 31000 certification trainings organised: Tanzania (September 2015) and Uganda (January 2016 and August 2016)
    • Collaboration with local Institute of Auditors (IIA) chapter in Tanzania and Uganda (MoU signed)

    Current status of ISO 31000 in Spain and Latin America

    • Development of ISO 31000 in Latam 2009-2015
    • Latam countries facts
    • Latam idiosyncrasy
    • Conclusions

  • Olawale Awosina, Head, Compliance and Risk Management, Total Health Trust Limited, A Member of LIBERTY

    Current status of ISO 31000 in Nigeria

    Road Map to Implementation and Adoption in Nigeria.

    • Successful Implementation in Goldlink Insurance Plc, and its benefits for the company.
    • Inaugural and first ISO 31000 Risk Management Certification Training in Nigeria.
    • Second certification training on ISO 31000 Risk Management coming up with participants from Government Agencies and Parastatals
    • Public Sectors and Enterprise Risk Management in Nigeria.