Customer Support: 131 242

  • There are no items in your cart
We noticed you’re not on the correct regional site. Switch to our AMERICAS site for the best experience.
Dismiss alert

HB 158-2010

Withdrawn
Withdrawn

A Withdrawn Standard is one, which is removed from sale, and its unique number can no longer be used. The Standard can be withdrawn and not replaced, or it can be withdrawn and replaced by a Standard with a different number.

Delivering assurance based on ISO 31000:2009 Risk management - Principles and guidelines
Available format(s)

Hardcopy , PDF 1 User , PDF 3 Users , PDF 5 Users , PDF 9 Users

Withdrawn date

29-09-2023

Language(s)

English

Published date

16-11-2010

Preview

1 - HB 158-2010 DELIVERING ASSURANCE BASED ON ISO 31000:2009 RISK MANAGEMENT-PRINCIPLES AND GUIDELINES
3 - PREFACE
4 - CONTENTS
6 - SECTION 1 SCOPE AND OBJECTIVES
6 - 1.1 GENERAL
7 - 1.2 ENTERPRISE RISK MANAGEMENT (ERM)
7 - 1.3 TERMINOLOGY AND DEFINITIONS
7 - 1.3.1 Risk
7 - 1.3.2 Assurance
7 - 1.3.3 Inherent risk/Potential exposure
9 - 1.3.4 Materiality
9 - 1.3.5 Audit
9 - 1.3.6 Controls
10 - 1.3.7 Organizations
12 - SECTION 2 SUMMARY OF THE RISK MANAGEMENT PROCESS
12 - 2.1 GENERAL
13 - 2.2 COMMUNICATE AND CONSULT
13 - 2.2.1 General
14 - 2.2.2 Requirements
14 - 2.2.3 Linkages
14 - 2.3 ESTABLISH THE CONTEXT
14 - 2.3.1 General
15 - 2.3.2 Requirements
15 - 2.3.3 Linkages
15 - 2.4 IDENTIFY RISKS
15 - 2.4.1 General
16 - 2.4.2 Requirements
16 - 2.4.3 Linkages
16 - 2.5 ANALYSE RISKS
16 - 2.5.1 General
17 - 2.5.2 Requirements
17 - 2.5.3 Linkages
17 - 2.6 EVALUATE RISKS
17 - 2.6.1 General
18 - 2.6.2 Requirements
18 - 2.6.3 Linkages
18 - 2.7 TREAT RISKS
18 - 2.7.1 General
19 - 2.7.2 Requirements
19 - 2.7.3 Linkages
19 - 2.8 MONITOR AND REVIEW
19 - 2.8.1 General
20 - 2.8.2 Requirements
20 - 2.8.3 Linkages
21 - SECTION 3 RISK MANAGEMENT AND ASSURANCE
21 - 3.1 LINKING RISK MANAGEMENT TO ASSURANCE
22 - 3.2 STRATEGIC AND ORGANIZATION-WIDE APPROACHES TO RISK MANAGEMENT
23 - 3.3 ASSURANCE AND THE RISK MANAGEMENT PROCESS
24 - 3.4 ASSURANCE OF A RISK MANAGEMENT FRAMEWORK
24 - 3.4.1 General
24 - 3.4.2 Mandate and commitment
26 - 3.4.3 Framework design
27 - 3.4.4 Monitoring, review and improvement
27 - 3.5 INTERNAL AUDIT INVOLVEMENT IN RISK MANAGEMENT
29 - SECTION 4 DEVELOPING AN ASSURANCE STRATEGY
29 - 4.1 GENERAL
30 - 4.2 STEP 1: IDENTIFYING THE ASSURANCE NEEDS OF THE ORGANIZATION
30 - 4.3 STEP 2: IDENTIFYING WHO THE ASSURANCE PROVIDERS ARE AND THEIR SCOPE OF OPERATION
30 - 4.3.1 Organizational management
31 - 4.3.2 Internal auditing
32 - 4.3.3 External auditing
32 - 4.4 STEP 3: IDENTIFY AND DOCUMENT ASSURANCE MECHANISMS
32 - 4.4.1 The organization needs assurance that all material risks have been identified
33 - 4.4.2 The organization needs assurance that risks have been accurately analysed and evaluated
34 - 4.4.3 The organization needs assurance that controls are both adequate and effective
34 - 4.4.4 The organization needs assurance that intolerably high risks are being properly addressed by management
34 - 4.5 STEP 4: DESIGN THE ASSURANCE REVIEW PROGRAM
34 - 4.5.1 Identifying key controls
35 - 4.5.2 Planning and prioritizing review
37 - 4.5.3 Assurance maps
40 - 4.6 STEP 5: DEVELOP A RISK-BASED REVIEW PROGRAM
40 - 4.6.1 General
40 - 4.6.2 Scheduling reviews based upon risk
40 - 4.6.3 Scheduling based on information need
41 - 4.6.4 Scheduling based on other factors
41 - 4.6.5 Priority model and resource constraints
42 - 4.6.6 The annual internal audit plan
42 - 4.7 STEP 6: MEASURING THE STRATEGY
44 - SECTION 5 PLANNING AN ENGAGEMENT
44 - 5.1 GENERAL
44 - 5.2 ENGAGEMENT SCOPE
44 - 5.3 ENGAGEMENT OBJECTIVES
45 - 5.4 ENGAGEMENT PROCEDURES
45 - 5.5 RATIONAL USE OF RESOURCES
46 - 5.6 SKILLS AND BODY OF KNOWLEDGE
47 - SECTION 6 REPORTING ON THE ASSURANCE PROGRAM
47 - 6.1 GENERAL
47 - 6.2 REPORTING LINES
48 - 6.3 REPORTING THE INDIVIDUAL ASSURANCE ENGAGEMENT
48 - 6.3.1 General
48 - 6.3.2 Communicate and consult
48 - 6.3.3 Establish context
48 - 6.3.4 Risk identification
48 - 6.3.5 Risk analysis
49 - 6.3.6 Risk evaluation
49 - 6.3.7 Risk treatment
50 - 6.3.8 Monitor and review
50 - 6.4 ENSURING ACTION
51 - SECTION 7 DESIGNING AND IMPROVING CONTROLS
51 - 7.1 GENERAL
51 - 7.2 IDENTIFYING AND MEASURING CONTROL GAPS
51 - 7.2.1 General
52 - 7.2.2 Management responsibilities
53 - 7.2.3 Other assurance activities, including control self-assessment
53 - 7.3 DESIGNING CONTROLS
53 - 7.3.1 General
54 - 7.3.2 Step 1-Output from the Risk Assessment process
54 - 7.3.3 Step 2-Define design intent
54 - 7.3.4 Step 3-Detailed design
55 - 7.3.5 Step 4-Evaluation
55 - 7.3.6 Step 5-Implementation
56 - 7.4 ADDING CONTROLS TO AN EXISTING PROCESS
57 - SECTION 8 ASSURANCE OF THE RISK MANAGEMENT PROCESS AND FRAMEWORK
57 - 8.1 GENERAL
58 - 8.2 RISK MANAGEMENT PROCESS ELEMENT APPROACH
58 - 8.2.1 General
58 - 8.2.2 Element 1-Communication
58 - 8.2.3 Element 2-Setting the context
59 - 8.2.4 Element 3-Risk identification
59 - 8.2.5 Element 4-Risk analysis
59 - 8.2.6 Element 5-Risk evaluation
59 - 8.2.7 Element 6-Risk treatment
60 - 8.2.8 Element 7-Monitor and review
60 - 8.3 KEY PRINCIPLES APPROACH
62 - 8.4 MATURITY MODEL APPROACH
65 - APPENDIX A - EXAMPLE PRIORITY MODEL

This Handbook is a guide for internal auditors and any other assurance providers. In particular, it describes how to use the risk management process to; develop a risk-based assurance strategy and program, plan an assurance engagement, report the assurance program, and design controls. The Handbook also provides a guide to assessing the adequacy of risk management framework and process.

Committee
OB-007
DocumentType
Handbook
ISBN
978 0 7337 9489 6
Pages
61
PublisherName
Standards Australia
Status
Withdrawn
Supersedes

Originated as HB 158—2002.Revised and redesignated as GB 158—2004.Revised and redesignated as HB 158—2006.Second edition 2010. Originated as HB 158-2002. Revised and redesignated as GB 158-2004. Revised and redesignated as HB 158-2006. Second edition 2010.

SA/SNZ HB 436:2013 Risk management guidelines - Companion to AS/NZS ISO 31000:2009
HB 331-2012 Overhead line design

View more information
$108.13
Including GST where applicable

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.

Need help?
Call us on 131 242, then click here to start a Screen Sharing session
so we can help right away! Learn more