6 Key Questions to Define Risk Control.
In last week's blog, I discussed the basic but often confused issue, of describing operational risks in a logical and understandable way. This week, I turn to controls, which are often as equally poorly defined and understood.
The ISO 31000 standard defines control as a “measure that is modifying risk”. While not incorrect, this definition is broad, and I am not sure overly meaningful or engaging with the employee at the coal face.