We regard risks to business-as-usual activities and disruption-related risks as part of a spectrum of risks that can impact on the organisational objectives of clients. Both types of risk in NZ and elsewhere may require action to more effectively manage their causes or consequences or both.
Unacceptable disruption-related risks may require risk treatments that include business continuity plans or crisis management plans or both.
Some risks may arise because of natural hazards while others may arise from operational or technological sources but impact on, for example, the:
- safety or health of employees or other people
- external environment
- production and delivery of goods or services.
We use a standards- and evidence-based approach to risk management. Standards commonly used include:
- AS/NZS ISO 31000:2009 Risk management - Principles and guidelines
- ISO 31010: 2009 Risk Management - Risk Assessment Techniques
- AS/NZS 5050: 2010 Business continuity: management of disruption-related risk
- BS 25999:2006. Business continuity management (both the Code of Practice and Specification).
Our technical library contains nearly 8,000 articles, books and reports and is growing. Our research gives access to academic articles to help keep our knowledge base up to date.
We have also carried out research to identify risks and aid analysis of risks. See, for example, our report to the Australian Senate on the risk matrix.