What is ISO 31000?
ISO 31000 is a family of standards, under the ISO standards, that aim at applying to risk management. It helps to describes the components of a risk management framework. It also includes the essential steps in the implementation and also ongoing support of the risk management process. the Organizations that are using it can compare their risk management practices with an internationally recognised benchmark, thus providing of the principles for efficient management and also for corporate governance.
ISO 31000:2009 helps to provides principles and the generic guidelines on risk management.It can also be used by any public, private or a community enterprise, association, group or individual. Therefore, the ISO 31000:2009 is thus not specific to any of the industry or sector.
It can also be applied throughout the life of an organization, and also to a wide range of activities, including the strategies and the decisions, operations, processes, functions, projects, products, services and assets. It can also be applied to any type of risk, whatever is its nature, whether having positive or negative consequences.
Although ISO 31000:2009 provides generic guidelines, it is not intended to promote uniformity of risk management across organizations. The design and implementation of risk management plans and frameworks will need to take into account the varying needs of a specific organization, its particular objectives, context, structure, operations, processes, functions, projects, products, services, or assets and specific practices employed.
It is also intended that the ISO 31000:2009 can be utilized in order to harmonize risk management processes in the existing and future standards. It also provides a common approach in the support of standards for dealing with the specific risks and/or sectors, and it also does not replace those standards.
However it is not intended for the purpose of certification.
ISO registration can be applied for here.