A number of years ago, while living near Houston, Texas and working for a major oil company as an audit director, I joined the local volunteer fire department in my community.
As a new member, I was assigned the task of carrying out a fire inspection at our local middle school. I was part of a team that included more highly-trained fellow volunteers.
Auditing Fire Risks
Being an experienced auditor, I was certain I was up to the task. I knew all about controls and I thought that knowledge would come in handy. My plans were to meet up …
Recently I was perusing a relatively unknown corner of ISO 31000 Risk Management —Principles and Guidelines— and long dormant memories flooded back.
The ISO section I was reading, Monitoring and Review (s 5.6), deals with the sorts of metrics that should be monitored to ensure the risk management system’s working. For example, it suggests monitoring indicators of control effectiveness, incidents (near misses), issues, key risk indicators, loss events, and other relevant variables important to the risk management process.
Years ago, I was appointed manager of accounting for what was then a mid-sized oil and gas company with operations …