Designing an ISO 31000 implementation program
Dekempeneer, Olivier (2023)
2023
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2023060722592
https://urn.fi/URN:NBN:fi:amk-2023060722592
Tiivistelmä
The objective of this thesis is to create an blueprint of an ISO 31000 implementation program, different from the ones already on the market. The program must be unique while still respecting the ISO 31000 guidelines. I am an entrepreneur who aims to use the blueprint to develop an commercially interesting program which I can build, manage and/or sell.
The theoretical framework is based on ISO 31000 risk management guidelines, ISO 31010 risk management techniques and the Finnish EK framework. I further extended the knowledge base by researching online learning tools and techniques.
My aim is to create an new and unique blueprint, which meant starting the design process from zero. The double diamond design process was chosen for this development project. It is split up into four phases, being discovery phase, define phase, develop phase and deliver phase. The last phase has not been applied since that would require an working prototype. The methods used in the various phases are mega trends, an persona empathy map, business model canvas, solution based thinking and the ABC learning design.
This development project has shown that there are ways around the traditional ISO 31000 teaching approach. By having users choose between predetermined scopes, I was able to narrow down the information needed to bring the ISO 31000 risk management process, combined with ISO 31010 risk management tools, to an good end. This while still following the recommended structure of ISO 31000, being scope, risk identification, risk analysis, risk evaluation, risk treatment and iteration. Reporting and communication is taken care of trough the use of an template. The template however needs to be developed further.
The result is an program existing out of seven modules, being introduction, scope, risk identification, risk analysis, risk evaluation, risk treatment and iteration. Each module has been assigned with one or more learning types, and uses an variation of teaching tools so that the user can choose their preferred learning method. Users who don’t have enough with the information given, or that need better tailored advice can purchase tutoring by the hour for an one on one discussions and advice.
The blueprint is ready, the template that should accompany the program needs to be developed further.
The theoretical framework is based on ISO 31000 risk management guidelines, ISO 31010 risk management techniques and the Finnish EK framework. I further extended the knowledge base by researching online learning tools and techniques.
My aim is to create an new and unique blueprint, which meant starting the design process from zero. The double diamond design process was chosen for this development project. It is split up into four phases, being discovery phase, define phase, develop phase and deliver phase. The last phase has not been applied since that would require an working prototype. The methods used in the various phases are mega trends, an persona empathy map, business model canvas, solution based thinking and the ABC learning design.
This development project has shown that there are ways around the traditional ISO 31000 teaching approach. By having users choose between predetermined scopes, I was able to narrow down the information needed to bring the ISO 31000 risk management process, combined with ISO 31010 risk management tools, to an good end. This while still following the recommended structure of ISO 31000, being scope, risk identification, risk analysis, risk evaluation, risk treatment and iteration. Reporting and communication is taken care of trough the use of an template. The template however needs to be developed further.
The result is an program existing out of seven modules, being introduction, scope, risk identification, risk analysis, risk evaluation, risk treatment and iteration. Each module has been assigned with one or more learning types, and uses an variation of teaching tools so that the user can choose their preferred learning method. Users who don’t have enough with the information given, or that need better tailored advice can purchase tutoring by the hour for an one on one discussions and advice.
The blueprint is ready, the template that should accompany the program needs to be developed further.