BCom (Business Management) with an elective stream: Risk-Based Integrated Management


The generic content of this qualification is easy to adapt for application across a wide range of industries and organisations, to assist in:

  • planning and designing a risk-based integrated management system;
  • establishing and documenting the integrated management system;
  • integrating risk management with all organisational processes, and implementing risk-based integrated management (RIM); and
  • continually evaluating and improving organisational performance by increasing awareness and developing capabilities based on continuous learning and experience.

The underlying principles of this approach are strategic thinking, process management, systems thinking and stakeholder involvement.

Target group

Students pursuing a formal qualification to function effectively at all leadership levels as a:

  • risk manager;
  • integrated management systems manager;
  • compliance and/or governance manager; and
  • business continuity/resilience manager.

Overview: Risk-based integrated management (RIM)

With growing competitiveness, and higher expectations from customers and the global marketplace, organisations are under increasing pressure to demonstrate their status as good corporate citizens and suppliers with, among others, effective quality and continuity management systems, sound environmental practices and a robust safety culture. To meet these expectations, many organisations have adopted internationally recognised standards, frameworks and guidelines to set up and operate an integrated management system and ensure that the organisation can fulfil all tasks required to achieve its business objectives.

With an integrated management system, the organisation becomes a unified whole, with each function aligned behind a single goal: improving the performance of the entire organisation. Instead of working in ‘silos’, the organisation will operate a genuinely coordinated system – one that is greater than the sum of its parts and can achieve more than ever before.

An integrated management system is not bureaucracy, tons of paper, a barrier to creativity and change, or a substitute for clear thinking and common sense. Instead, it is a systematic approach that reduces uncertainty (by contributing to predictable outcomes) and enables ongoing improvement.

1. Management system requirements

In order to plan for the development of an integrated management system, management should consider the specific legal requirements, as well as the requirements of the (international, national, regional and/or industry-sector) management system standards or specifications to which they wish to subscribe.

Industry is also acutely aware of the power of self-regulation to pre-empt government regulation.  There is a significant trend towards redefining expectations about corporate behaviour, both within organisations and the broader international society in which they operate.

2. Integrated management

Effective integrated management must embrace all areas of business: strategy, risk, finance, human resources, supply chain management, marketing, manufacturing and operating systems, information/knowledge management and frontline staff – in essence, all aspects of operational processes.

Although the integrated management system represents the foundation, the ultimate objective is integrated management. By omitting the word ‘system’, the actual intent of systems integration becomes obvious, namely changing the subject of integration from ‘system’ to ‘management’.

3. Risk-based integrated management (RIM)

Risk management is currently on everyone’s corporate agenda, whether private or public. Governments, stock exchanges, shareholders and regulators all pay special attention to risk management.

ISO 31000 is an international standard that provides the principles and guidelines for effective risk management. It asserts that risk management is not only about avoiding or minimising risk, but is an integral part of all organisational activities and processes, including decision-making. Risk management is not a stand-alone activity separate from the activities and processes (and, therefore, the management system) of the organisation. Everyone in an organisation is responsible for managing risk, as risk management improves decision-making at all levels.