The Best ERM Award

ERM Questions for your own quick assessment

Copyright © APC & OneNet 2021. You are free to use these questions for this purpose only. They were used for the APC Best ERM Award in 2015 and 2018.

If you can answer 50% of the questions, please write to us for a First Level ISO 31000 Certificate. After completing our on-site audit, we would issue your company an ISO 31000 Best Enterprise Risk Management (ERM) Certificate for validating 80% of the answers provided to these questions.


1. Leadership
- What is the corporate culture in risk management?
- Has your CEO mandated a risk management policy?
- Have your risk assessments been updated in the last 6 months?
- Do you provide training on business needs and drivers?
- Do you have a quality approach to risk and crisis management?


2. Business operations and management analysis
- focus on supplier management across the complete supply chain
- conduct customer feedback surveys, marketing progress reviews and meetings
- define key business processes and the sub-process architecture
- use benchmark data wherever possible and comply with the personal data privacy ordinance
- have your business contingency and continuity plans been tested in the last 6 months?


3. Business planning
- align annual objectives with the company's risk, crisis and business strategy
- apply a consistent process for projecting levels of business performance
- develop key business performance measures
- set objectives for all employees with risk and crisis control and ERM responsibilities
- develop a communication system with measures of its effectiveness


4. Human resources development and enterprise risk management
- utilise care and recognition as an incentive program
- consider succession planning
- measure the effectiveness of manager training
- consider job effectiveness and career development
- appoint a risk and continuity evangelist


5. Enterprise risk process management
- adopt the principles of enterprise risk process management
- comply with ISO 31000 and/or ISO 27710 or other ISO standards
- comply with information security standards and their controls
- maintain and update the risk register and compliance report within the last 6 months
- implement the risk improvement processes
- document the risk controls and processes
- ensure there is an effective escalation process from the different sources of risk to risk control and continuity management



6. Customer and market focus
- develop more formal contacts with customers, suppliers, partners and stakeholders
- review service level objectives and agreements in conjunction with customers and risk priorities
- focus more on proactive customer relationship management
- formalize the close-out of problem solutions
- initiate the management of change and market focus


7. Business results
- agree on key business metrics
- monitor regular business trend information, targets and benchmarks
- use risk identification tools and business diagnosis (root cause analysis) for problem situations
- develop checklists and charts to monitor risk trends and changes
- follow up the ER measurement of business and financial performance


8. Financial management
- employ tools of financial risk management for decision making
- use financial ratios for risk analysis
- follow up the management requirements of key components of working capital to match the changing requirements of operations
- has your financial budget planning been reviewed in the last 6 months?
- do you use an integrated financial and business risk management model?


ISO 31000 for all ISO Certification
The Best ERM Award Trophy
Prevention of risk through good risk management