ISO 31000:2018 Clause 5.4.3 Assigning organizational roles, authorities, responsibilities and accountabilities

ISO 31000:2018 15 Minutes

Top management and oversight bodies, where applicable, should ensure that the authorities, responsibilities and accountabilities for relevant roles for risk management are assigned and communicated at all levels of the organization, and should:

  • — emphasize that risk management is a core responsibility;
  • — identify individuals who have the accountability and authority to manage risk (risk owners).

In clause 5.4.3, the standard addresses the importance of assigning organizational roles, authorities, responsibilities, and accountabilities in the context of risk management. This clause emphasizes the need for a clear and effective assignment of roles and responsibilities within an organization’s risk management framework. Proper assignment of these elements helps ensure that the risk management process is carried out effectively and that individuals understand their roles in managing risk.

  1. Roles: Define the various roles involved in the risk management process. This may include roles such as risk owners, risk managers, risk assessors, and decision-makers. Clearly identify who is responsible for what aspects of the risk management process.
  2. Authorities: Specify the level of authority that individuals or groups have in the risk management process. This includes the authority to make decisions regarding risk treatment options and resource allocation for risk management activities.
  3. Responsibilities: Clearly outline the specific responsibilities of each role involved in risk management. This includes tasks such as risk identification, risk assessment, risk treatment, and ongoing monitoring and review. Responsibilities should be defined in a way that supports the overall objectives of the risk management framework.
  4. Accountabilities: Establish clear lines of accountability for the outcomes of the risk management process. Individuals or groups should be held accountable for the effectiveness of risk management activities within their defined roles.

By addressing these aspects, organizations can enhance their risk management capabilities, foster a risk-aware culture, and improve decision-making processes related to risk. It also helps in avoiding confusion and ensures that everyone understands their contributions to the overall risk management effort. It’s important for organizations to periodically review and update these assignments to adapt to changes in the internal and external environment, organizational structure, and risk landscape. Regular communication and training are also essential to ensure that individuals are aware of and capable of fulfilling their roles and responsibilities effectively. Establishing clear authorities, responsibilities, and accountabilities for relevant roles is crucial for the effective implementation of risk management within an organization. The specific roles and their associated responsibilities may vary based on the organization’s size, structure, and industry. However, here are common roles related to risk management and their associated authorities, responsibilities, and accountabilities:

1. Top Management/Executive Leadership:

Authorities:

  • Setting the overall risk management strategy and framework.
  • Approving the Risk Management Policy and related documents.
  • Defining risk appetite and tolerance thresholds.

Responsibilities:

  • Providing visible leadership and support for risk management.
  • Allocating resources for the implementation of risk management processes.
  • Overseeing the risk management program and receiving regular reports on risk status.

Accountabilities:

  • Ensuring that the organization’s risk management practices align with its strategic objectives.
  • Being accountable for major risk-related decisions.

2. Risk Management Committee (if applicable):

Authorities:

  • Overseeing the organization’s risk management framework.
  • Reviewing and approving risk management policies and procedures.

Responsibilities:

  • Conducting regular risk assessments and monitoring risk profiles.
  • Providing guidance on risk treatment strategies.
  • Ensuring that risk management processes are integrated into decision-making.

Accountabilities:

  • Ensuring the effectiveness of the organization’s overall risk management approach.

3. Risk Management Coordinator/Manager:

Authorities:

  • Coordinating risk management activities across the organization.
  • Ensuring compliance with the risk management policy and procedures.

Responsibilities:

  • Developing and maintaining the risk management framework.
  • Facilitating risk assessments and identifying emerging risks.
  • Implementing risk treatment plans and monitoring risk mitigation efforts.
  • Reporting regularly to top management and relevant committees.

Accountabilities:

  • Effectively managing the day-to-day aspects of the risk management program.
  • Ensuring that risk management activities align with organizational goals.

4. Department Heads/Managers:

Authorities:

  • Identifying and assessing risks within their respective departments.
  • Developing and implementing risk treatment plans for department-specific risks.

Responsibilities:

  • Integrating risk management into departmental planning and decision-making.
  • Communicating risk information to employees within their departments.
  • Reporting significant risks and risk mitigation efforts to top management.

Accountabilities:

  • Managing and mitigating risks within their specific areas of responsibility.
  • Aligning departmental activities with the organization’s risk management framework.

5. Risk Owners:

Authorities:

  • Assuming responsibility for the management of specific risks.

Responsibilities:

  • Identifying, assessing, and prioritizing specific risks.
  • Developing and implementing risk treatment plans.
  • Reporting on the status of assigned risks.

Accountabilities:

  • Ensuring that the risks for which they are responsible are effectively managed and mitigated.

6. Employees at All Levels:

Authorities:

  • Reporting risks and potential issues to their immediate supervisors.

Responsibilities:

  • Being aware of and adhering to the organization’s risk management policies.
  • Participating in risk assessments and providing input.
  • Following established risk mitigation procedures.

Accountabilities:

  • Contributing to a risk-aware culture within the organization.
  • Reporting potential risks promptly and accurately.

Key Principles:

  • Clear Communication: All roles must communicate effectively about risks, actions taken, and lessons learned.
  • Integration with Decision-Making: Risk management responsibilities should be integrated into routine decision-making processes.
  • Training and Awareness: Provide ongoing training to ensure that individuals understand their roles and responsibilities in the risk management process.
  • Continuous Improvement: Encourage a culture of continuous improvement in risk management practices.
  • Performance Evaluation: Incorporate risk management responsibilities into performance evaluations and assessments.

Establishing and regularly reviewing these authorities, responsibilities, and accountabilities helps ensure that risk management is a shared responsibility across all levels of the organization. It also promotes transparency, accountability, and the effectiveness of risk management processes.

Top management and oversight bodies, where applicable, should ensure that the authorities, responsibilities and accountabilities for relevant roles with respect to risk management are assigned at all levels of the organization

The involvement and commitment of top management and oversight bodies are crucial for effective risk management within an organization. This statement underscores the importance of ensuring that authorities, responsibilities, and accountabilities related to risk management are clearly defined and assigned at all levels of the organization. Here’s an elaboration on this concept:

  1. Top Management Involvement:
    • Leadership Commitment: Top management plays a pivotal role in setting the tone for risk management within the organization. Their commitment to and support for the risk management process are essential for creating a risk-aware culture.
    • Strategic Alignment: Top management should align risk management with the organization’s strategic objectives. This involves integrating risk management into decision-making processes to ensure that risks and opportunities are considered in the pursuit of organizational goals.
    • Resource Allocation: Adequate resources, including personnel, budget, and technology, should be allocated to support the effective implementation of risk management practices.
  2. Oversight Bodies:
    • Board of Directors or Governing Body: Oversight bodies such as the board of directors or other governing bodies should be actively involved in overseeing the risk management function. They provide guidance, review the effectiveness of risk management activities, and ensure alignment with organizational objectives.
    • Independent Review: In some cases, organizations may establish risk committees or engage external auditors to provide an independent review of the effectiveness of the risk management process.
  3. Assignment of Authorities, Responsibilities, and Accountabilities:
    • Clarity in Roles: Clearly defining the roles of individuals and teams involved in risk management at all levels of the organization is essential. This clarity helps in avoiding confusion and ensures that everyone understands their contributions.
    • Empowerment: Authorities should be appropriately assigned to individuals or groups responsible for managing risks. This empowers them to make decisions and take actions to address risks within their defined areas.
    • Accountability Mechanisms: Establishing mechanisms to hold individuals accountable for their roles in risk management is vital. This may include regular performance reviews, reporting structures, and integration of risk management responsibilities into job descriptions.

By ensuring that top management and oversight bodies are actively engaged in the risk management process and that roles and responsibilities are clearly defined and assigned throughout the organization, an organization can enhance its ability to identify, assess, and respond to risks effectively. This integration of risk management into the organizational culture contributes to overall resilience and sustainable performance.

Top management and oversight bodies, where applicable, should ensure that the authorities, responsibilities and accountabilities for relevant roles with respect to risk management are communicated at all levels of the organization

Communication is a critical component of effective risk management within an organization. The statement emphasizes the need for top management and oversight bodies to ensure that authorities, responsibilities, and accountabilities related to risk management are not only defined but also effectively communicated at all levels of the organization. Here’s why this communication is important and how it can be achieved:

  1. Clarity and Understanding:
    • Avoid Ambiguity: Clear communication helps avoid ambiguity and ensures that all individuals understand their roles and responsibilities in the context of risk management.
    • Alignment with Objectives: Communication ensures that the risk management framework is aligned with the overall objectives of the organization, helping employees see the relevance of their contributions.
  2. Risk Awareness and Culture:
    • Promote Risk Awareness: Effective communication fosters a culture of risk awareness within the organization. Employees at all levels should be aware of the importance of identifying, assessing, and managing risks in their respective roles.
    • Encourage Reporting: Encourage a culture where employees feel comfortable reporting risks, concerns, or potential issues. This requires open communication channels that facilitate the flow of information related to risks.
  3. Coordination and Collaboration:
    • Integrated Efforts: Communication ensures that different departments and teams understand how their roles fit into the larger risk management picture. This integration is crucial for a coordinated and collaborative approach to risk management.
    • Cross-functional Understanding: In complex organizations, various departments and functions may have different risk exposures. Effective communication helps in building a comprehensive understanding of risks across different parts of the organization.
  4. Training and Education:
    • Continuous Learning: Communication is essential for ongoing training and education on risk management practices. Regular updates and training sessions help employees stay informed about changes in risk management policies and procedures.
  5. Reporting and Feedback:
    • Transparent Reporting: Communication facilitates transparent reporting of risk-related information. This includes reporting mechanisms, frequency of reporting, and the channels through which information should be communicated.
    • Feedback Loop: Establish a feedback loop to ensure that information flows back to top management. This loop allows for adjustments to the risk management framework based on evolving organizational needs and external factors.
  6. Documentation and Accessibility:
    • Document Policies and Procedures: Document risk management policies and procedures, and make them accessible to all relevant personnel. This documentation serves as a reference point for individuals seeking clarity on their roles.
    • Technology Utilization: Leverage technology to facilitate communication, especially in large or geographically dispersed organizations. Intranets, collaboration platforms, and other tools can enhance the accessibility of information.

In summary, effective communication of authorities, responsibilities, and accountabilities related to risk management is vital for building a resilient and risk-aware organizational culture. It ensures that everyone is on the same page, understands their contributions, and actively participates in managing risks to achieve organizational objectives.

The authorities, responsibilities and accountabilities for relevant roles should emphasize that risk management is a core responsibility

Emphasizing that risk management is a core responsibility is crucial for embedding a risk-aware culture throughout an organization. By clearly defining the authorities, responsibilities, and accountabilities related to risk management and highlighting their importance, organizations can promote a proactive approach to identifying, assessing, and managing risks at all levels. Here’s why this emphasis is important and how it can be implemented:

  1. Integration into Job Descriptions:
    • Clearly Define Expectations: Ensure that job descriptions explicitly state the responsibilities and accountabilities related to risk management. This communicates the expectation that managing risk is an integral part of each role within the organization.
  2. Training and Education:
    • Incorporate Risk Management Training: Include risk management training as a fundamental component of employee onboarding and ongoing professional development. This ensures that employees are equipped with the knowledge and skills needed to fulfill their risk management responsibilities.
  3. Performance Appraisals:
    • Link to Performance Metrics: Tie risk management performance to key performance indicators (KPIs) and performance appraisals. This connection reinforces the significance of risk management in evaluating individual and team performance.
  4. Communication and Awareness Campaigns:
    • Internal Communication Strategies: Develop internal communication strategies that consistently emphasize the importance of risk management as a core responsibility. Use various channels, such as newsletters, town hall meetings, and intranet platforms, to reinforce this message.
    • Success Stories and Best Practices: Share success stories and best practices related to effective risk management within the organization. Highlighting positive outcomes reinforces the idea that managing risk contributes to overall organizational success.
  5. Leadership Demonstration:
    • Lead by Example: Leaders, including top management and supervisors, should demonstrate a commitment to risk management. Their actions set the tone for the rest of the organization and influence the adoption of risk-aware behavior at all levels.
  6. Incorporate into Organizational Values:
    • Reflect in Core Values: If applicable, incorporate risk management as a core value of the organization. This sends a strong message about the organization’s commitment to managing risks responsibly and ethically.
  7. Continuous Improvement:
    • Encourage Feedback: Establish mechanisms for employees to provide feedback on the risk management process. This feedback loop allows for continuous improvement and adjustment of risk management practices based on real-world experiences.
  8. Recognition and Incentives:
    • Recognize and Reward: Acknowledge and reward individuals or teams that demonstrate exemplary risk management practices. Recognition and incentives can motivate employees to actively engage in risk management activities.
  9. Regular Audits and Assessments:
    • Audit Compliance: Conduct regular audits and assessments to ensure that risk management responsibilities are being carried out as defined. This reinforces the organization’s commitment to compliance with risk management policies.

By emphasizing that risk management is a core responsibility and integrating it into various aspects of organizational processes and culture, companies can build a resilient and proactive approach to risk. This approach contributes to the long-term success and sustainability of the organization in a dynamic and uncertain business environment.

The authorities, responsibilities and accountabilities for relevant roles should identify individuals who have the accountability and authority to manage risk (risk owners)

one key aspect of effective risk management is clearly identifying individuals who have the accountability and authority to manage specific risks within an organization. These individuals are often referred to as “risk owners.” Designating risk owners ensures that there is a clear line of responsibility for each risk, helping to facilitate effective risk identification, assessment, and mitigation. Here’s how authorities, responsibilities, and accountabilities for relevant roles can be structured to identify risk owners:

  1. Clear Definition of Roles: Clearly define the roles involved in the risk management process. This includes roles such as risk owners, who are specifically accountable for managing identified risks.
  2. Identification of Risk Owners: Clearly specify who the risk owners are for each identified risk. This designation should align with the individuals or teams who have the most direct influence or control over the factors that contribute to the risk.
  3. Accountability for Risk Management: Clearly state the accountability of risk owners for the management of their assigned risks. This includes the responsibility to develop and implement risk mitigation plans, monitor risk triggers, and report on the status of risk management efforts.
  4. Authority to Make Decisions: Provide risk owners with the authority necessary to make decisions related to the management of their assigned risks. This may involve authority to allocate resources, adjust processes, or take other actions to address the risk.
  5. Integration with Governance Structure: Ensure that the assignment of risk owners is integrated into the organization’s governance structure. This might involve incorporating risk ownership into existing reporting lines and decision-making processes.
  6. Communication and Transparency: Communicate clearly to all relevant stakeholders who the designated risk owners are for specific risks. This transparency helps create awareness and fosters a culture of accountability for risk management.
  7. Training and Support: Provide training and support to risk owners to enhance their understanding of their roles and responsibilities. This includes ensuring they have the necessary skills and knowledge to effectively manage the risks assigned to them.
  8. Regular Review and Updates: Periodically review and, if necessary, update the assignment of risk owners. This is important as organizational structures and responsibilities may change over time.
  9. Documentation: Document the roles, responsibilities, and authorities of risk owners. This documentation serves as a reference point for both current and future risk management efforts.
  10. Incorporate into Risk Management Framework: Integrate the identification of risk owners into the overall risk management framework of the organization. This ensures consistency and coherence in the approach to risk management.

By clearly identifying risk owners and integrating this designation into the broader risk management framework, organizations can enhance accountability, facilitate effective risk mitigation, and improve overall risk management practices. This structured approach contributes to building a resilient and proactive risk management culture within the organization.

Example of procedure for organizational roles, authorities, responsibilities and accountabilities related to Risk management

Example of Risk Management Roles and Responsibilities Procedure

1. Purpose: The purpose of this procedure is to establish a clear framework for defining and communicating organizational roles, authorities, responsibilities, and accountabilities related to risk management. This procedure ensures a systematic approach to identifying, assessing, and managing risks throughout the organization.

2. Scope: This procedure applies to all employees, departments, and functions within the organization and is an integral part of the overall risk management framework.

3. Procedure

3.1. Identification of Key Roles

a. Risk Owner:

  • Definition: Individuals or teams responsible for the overall management of specific risks.
  • Criteria for selection: Proximity to the risk, expertise in the relevant area, and ability to influence risk factors.
  • Appointment: Designation by department heads or functional leaders in consultation with the risk management team.

b. Risk Manager:

  • Definition: Individuals responsible for coordinating the risk management process within their respective departments or functions.
  • Criteria for selection: Knowledge of risk management principles, communication skills, and ability to collaborate across departments.
  • Appointment: Designation by department heads or functional leaders.

3.2. Authorities and Responsibilities

a. Risk Owner:

  • Authority: Empowered to make decisions and allocate resources to address identified risks.
  • Responsibilities:
    • Develop and implement risk mitigation plans.
    • Monitor risk triggers and assess the effectiveness of risk treatments.
    • Report regularly on the status of assigned risks to the risk management team.

b. Risk Manager:

  • Authority: Coordinate and facilitate the risk management process within their area of responsibility.
  • Responsibilities:
    • Facilitate risk identification and assessment activities.
    • Support risk owners in developing and implementing risk mitigation plans.
    • Compile and report departmental or functional risk profiles to the risk management team.

3.3. Integration with Governance Structure

a. Board of Directors:

  • Oversight: Review and approve the overall risk management strategy and policy.
  • Accountability: Ensure that risk management is integrated into strategic decision-making.

b. Executive Management:

  • Oversight: Review aggregated risk profiles across departments.
  • Accountability: Ensure that risk management processes are consistently applied.

3.4. Communication and Training

a. Communication:

  • Clearly communicate the roles, authorities, responsibilities, and accountabilities related to risk management to all employees.
  • Utilize various channels, including training sessions, newsletters, and intranet platforms.

b. Training:

  • Provide regular training to employees on risk management principles and practices.
  • Ensure that individuals in risk-related roles have the necessary skills and knowledge.
3.5. Review and Updates

a. Periodic Review:

  • Conduct periodic reviews of risk management roles to ensure alignment with organizational changes.
  • Update role descriptions and authorities as needed.

4. Documentation

  1. Maintain a centralized repository of documents related to risk management roles, authorities, responsibilities, and accountabilities.
  2. Make documentation accessible to all relevant stakeholders.

5. Responsibilities

a. Risk Management Team:

  1. Oversee the implementation of this procedure.
  2. Conduct regular reviews and updates.

b. Department Heads/Functional Leaders:

  1. Designate risk owners and managers within their areas.
  2. Ensure that risk management roles are clearly communicated to their teams.

6. Revision History

  • Record changes, updates, and revisions to this procedure.

Example of Competency Matrix

Competency AreaBasic CompetenceIntermediate CompetenceAdvanced Competence
Risk Identification and AssessmentUnderstands basic risk identification concepts.Proficient in identifying and assessing risks independently.Demonstrates expertise in identifying and assessing complex risks.
Risk Mitigation PlanningUnderstands basic risk treatment options.Capable of developing effective mitigation plans.Develops comprehensive and innovative risk mitigation strategies.
Monitoring and ReportingFollows established monitoring processes.Designs and implements monitoring mechanisms.Establishes advanced monitoring systems; provides strategic risk insights.
Risk OwnerUnderstands assigned risks and their implications.Takes ownership of assigned risks; develops and implements mitigation plans.Demonstrates leadership in managing complex risks; integrates risk management into decision-making.
Risk ManagerCoordinates basic risk management processes.Coordinates and facilitates risk management activities; guides risk owners.Leads and optimizes the risk management process; provides strategic direction.
Top ManagementUnderstands the importance of risk management.Integrates risk management into decision-making.Champions a risk-aware culture; ensures alignment with organizational strategy.
Collaboration and CommunicationCommunicates risk information within the team.Effectively communicates risk information to various stakeholders.Communicates strategic risk insights; leads cross-functional collaboration.
Learning and DevelopmentParticipates in basic risk management training.Actively engages in advanced risk management training; pursues professional development.Continuously seeks opportunities for learning and growth; mentors others.

Example of Job descriptions related to ISO 31000 in an organization

1. Risk Manager

Job Purpose:

The Risk Manager is responsible for overseeing the organization’s risk management framework, ensuring the identification, assessment, and mitigation of risks in alignment with ISO 31000 principles.

Key Responsibilities:

  1. Develop and implement the organization’s risk management policy and procedures.
  2. Facilitate the identification of risks across departments through risk assessments and workshops.
  3. Collaborate with department heads and teams to develop comprehensive risk mitigation plans.
  4. Monitor and report on the status of identified risks to executive management and relevant oversight bodies.
  5. Provide guidance and training to employees on risk management principles and practices.
  6. Ensure compliance with ISO 31000 standards and other relevant regulations.
  7. Conduct regular reviews of the risk management framework for continuous improvement.
  8. Collaborate with external auditors to assess the effectiveness of the risk management process.

Qualifications:

  • Bachelor’s degree in Risk Management, Business, or related field.
  • Professional certification in Risk Management (e.g., CRM, ARM) preferred.
  • Proven experience in developing and implementing risk management frameworks.
  • Strong knowledge of ISO 31000 standards and relevant regulations.
  • Excellent communication and interpersonal skills.

2. Risk Analyst

Job Purpose:

The Risk Analyst supports the risk management function by conducting risk assessments, analyzing data, and providing insights to facilitate informed decision-making in accordance with ISO 31000 principles.

Key Responsibilities:

  1. Assist in the identification and assessment of risks through data analysis and collaboration with departmental teams.
  2. Develop risk models and conduct quantitative and qualitative risk assessments.
  3. Maintain and update risk registers, ensuring accuracy and completeness of risk information.
  4. Collaborate with Risk Owners and Managers to develop and implement risk mitigation plans.
  5. Generate regular risk reports for various stakeholders, highlighting key risk indicators.
  6. Monitor and analyze industry trends and regulatory changes affecting risk exposures.
  7. Contribute to the development and improvement of risk management tools and methodologies.

Qualifications:

  • Bachelor’s degree in Finance, Business, or a related field.
  • Relevant certification in risk analysis or data analytics.
  • Proficient in data analysis tools and techniques.
  • Knowledge of risk management principles and ISO 31000 standards.
  • Strong communication and presentation skills.

3. Risk Owner

Job Purpose:

The Risk Owner is responsible for the effective management of specific risks within their department or area of responsibility, ensuring alignment with organizational objectives and ISO 31000 standards.

Key Responsibilities:

  1. Take ownership of identified risks within the department.
  2. Develop and implement risk mitigation plans in collaboration with the Risk Manager.
  3. Monitor risk triggers and assess the effectiveness of risk treatments.
  4. Communicate regularly with the Risk Manager on the status of assigned risks.
  5. Integrate risk management into decision-making processes.
  6. Collaborate with cross-functional teams to address enterprise-wide risks.
  7. Ensure compliance with risk management policies and procedures.

Qualifications:

  • Relevant experience in the specific area of responsibility.
  • Understanding of risk management principles.
  • Effective decision-making skills.
  • Communication and collaboration skills.
  • Proactive approach to risk identification and mitigation.

Published by Pretesh Biswas

Pretesh Biswas has wealth of qualifications and experience in providing results-oriented solutions for your system development, training or auditing needs. He has helped dozens of organizations in implementing effective management systems to a number of standards. He provide a unique blend of specialized knowledge, experience, tools and interactive skills to help you develop systems that not only get certified, but also contribute to the bottom line. He has taught literally hundreds of students over the past 5 years. He has experience in training at hundreds of organizations in several industry sectors. His training is unique in that which can be customized as to your management system and activities and deliver them at your facility. This greatly accelerates the learning curve and application of the knowledge acquired. He is now ex-Certification body lead auditor now working as consultancy auditor. He has performed hundreds of audits in several industry sectors. As consultancy auditor, he not just report findings, but provide value-added service in recommending appropriate solutions. Experience Consultancy: He has helped over 100 clients in a wide variety of industries achieve ISO 9001,14001,27001,20000, OHSAS 18001 and TS 16949 certification. Industries include automotive, metal stamping and screw machine, fabrication, machining, assembly, Forging electrostatic and chrome plating, heat-treating, coatings, glass, plastic and rubber products, electrical and electronic equipment, assemblies & components, batteries, computer hardware and software, printing, placement and Security help, warehousing and distribution, repair facilities, consumer credit counseling agencies, banks, call centers, etc. Training: He has delivered public and on-site quality management training to over 1000 students. Courses include ISO/TS -RAB approved Lead Auditor, Internal Auditing, Implementation, Documentation, as well as customized ISO/TS courses, PPAP, FMEA, APQP and Control Plans. Auditing: He has conducted over 100 third party registration and surveillance audits and dozens of gap, internal and pre-assessment audits to ISO/QS/TS Standards, in the manufacturing and service sectors. Other services: He has provided business planning, restructuring, asset management, systems and process streamlining services to a variety of manufacturing and service clients such as printing, plastics, automotive, transportation and custom brokerage, warehousing and distribution, electrical and electronics, trading, equipment leasing, etc. Education & professional certification: Pretesh Biswas has held IRCA certified Lead Auditor for ISO 9001,14001 and 27001. He holds a Bachelor of Engineering degree in Mechanical Engineering and is a MBA in Systems and Marketing. Prior to becoming a business consultant 6 years ago, he has worked in several portfolios such as Marketing, operations, production, Quality and customer care. He is also certified in Six Sigma Black belt .

Published

Leave a Reply