Application of Risk Management at an Ecuadorian Electric Company

Eva Merchán Cordero, Diego Ponce


Risk management is an administrative tool that, through a comprehensive and systematic approach, promotes continuous improvement, efficiency and effectiveness, allowing organizations to make decisions and control uncertainty in relation to the assets that are most exposed.  The objective of this technical article is to expose the knowledge and experience gained in the application of ISO 31000 Risk Management in the Empresa Eléctrica Regional Centro Sur C.A. (Centrosur), which by offering a public service is exposed to factors and influences internal and external that jeopardize its objectives.   Given the multiple differences between the companies and the risks to which they are exposed, it is not possible to make recommendations that are universally accepted, in this sense; this article will become important as long as it is interpreted as a guide for those who are immersed in an implementation of ISO 31000 Standard.   Answer the questions where am I with respect to risk? and what resources are available to adapt the organizational culture to ISO 31000 ?, involved the use of research methods such as surveys and direct observation, resulting in the identification of gaps, a necessary input for the development of an architecture (principles, management framework, risk management and treatment process) for risk management fully adapted to the institutional reality. In order to make the architecture presented as integral, consistent and sustainable over time, strategic components were incorporated, leaving aside informal and heterogeneous practices present in the organization.


Risk management; ISO 31000 recommendations; ISO 31010; Implementation of ISO 31000; Adaptation of ISO 31000.

Full Text:



Empresa Eléctrica Regional Centro Sur C.A. “Strategic Plan 2014-2017.” Internet:, 2015 [Jan. 04, 2017].

Constitutional Court of Ecuador (CCE). “Official register N ° 280”. Internet:, Jul.02, 2014 [Oct. 27, 2016].

ISO (International Standard Organization). “ISO 31000 Risk management - Principles and Guidelines” Switzerland, 2009.

Empresa Eléctrica Regional Centro Sur C.A. Manual of Processes and Procedures. Cuenca, Ecuador: Centrosur, 2009.

McKinsey, Tom, P., & Robert, W. “Model of the 7 S of McKinsey”. Internet:, May. 09, 2009 [Mar. 22, 2017].

ISO (International Standard Organization). ISO 31000 Risk Management - Practical Guide for SMEs. Switzerland, 2015, pp. 46-82

ISO (International Standard Organization). “ISO-IEC 27005 Information Technology - Security techniques - Risk management in information security”. Switzerland, 2011,

AUDISIS. “Integral audit.” Internet:, Apr. 05, 2017 [Apr. 23, 2017].

ISOTools Excellense. “ISO 31000 STANDARD. The value of risk management in organizations.” Internet:, 2009 [Feb. 10, 2017].

European Commission of UE. “Micro-enterprises, small and medium-sized enterprises: Definition and scope”. Internet:, 2003[Jul. 11, 2017].

CGE (Comptroller General of the State). “Rules of internal control for entities, public sector organizations and legal entities of private law that have public resources.” Internet:, Nov. 16, 2009 [Feb. 20, 2017].

CGE (Comptroller General of the State). “Agreement 004-CG-2016 Regulation of Responsibilities.” Internet:, Feb. 18, 2016 [Feb. 17, 2017].

Standards Australia International. “SA / SNZ HB 436 Risk management guideline.” New Zealand, 2004.


  • There are currently no refbacks.

Comments on this article

View all comments




About ASRJETS | Privacy PolicyTerms & Conditions | Contact Us | DisclaimerFAQs 

ASRJETS is published by (GSSRR).