The new ISO standard for effective management of risk ISO 31000 provides principles, framework and a process for managing any form of risk in a transparent, systematic and credible manner within any scope or context.
At the same time, ISO is publishing ISO Guide 73:2009, Risk management vocabulary, which complements ISO 31000 by providing a collection of terms and definitions relating to the management of risk.
The standard recommends that organizations develop, implement and continuously improve a risk management framework as an integral component of their management system.
“ISO 31000 is a practical document that seeks to assist organizations in developing their own approach to the management of risk. But this is not a standard that organizations can seek certification to. By implementing ISO 31000, organizations can compare their risk management practices with an internationally recognized benchmark, providing sound principles for effective management. ISO Guide 73 will further ensure that all organizations are on the same page when talking about risk,” said Kevin W. Knight, Chair of the ISO working group that developed the standard
ISO 31000 is designed to help organizations:
- Increase the likelihood of achieving objectives
- Encourage proactive management
- Be aware of the need to identify and treat risk throughout the organization
- Improve the identification of opportunities and threats
- Comply with relevant legal and regulatory requirements and international norms
- Improve financial reporting
- Improve governance
- Improve stakeholder confidence and trust
- Establish a reliable basis for decision making and planning
- Improve controls
- Effectively allocate and use resources for risk treatment
- Improve operational effectiveness and efficiency
- Enhance health and safety performance, as well as environmental protection
- Improve loss prevention and incident management
- Minimize losses
- Improve organizational learning
- Improve organizational resilience.
ISO 31000 and ISO Guide 73 can be applied to any public, private or community enterprise, association, group or individual.