What is ISO 31000?


ISO 31000 is a family of standards, under the ISO standards, that aim at applying to risk management. It helps to  describes the components of a risk management framework. It also  includes the essential steps in the implementation and also ongoing support of the risk management process. the Organizations that are using it can compare their risk management practices with an internationally recognised benchmark, thus providing of the principles for efficient management and also for corporate governance.

ISO 31000:2009 helps to provides principles and the generic guidelines on risk management.It  can also  be used by any public, private or a  community enterprise, association, group or individual. Therefore, the ISO 31000:2009 is thus not specific to any of the industry or sector.

It  can also be applied throughout the life of an organization, and also  to a wide range of activities, including the strategies and the decisions, operations, processes, functions, projects, products, services and assets. It can also be applied to any type of risk, whatever is its nature, whether having positive or negative consequences.

Although ISO 31000:2009 provides generic guidelines, it is not intended to promote uniformity of risk management across organizations. The design and implementation of risk management plans and frameworks will need to take into account the varying needs of a specific organization, its particular objectives, context, structure, operations, processes, functions, projects, products, services, or assets and specific practices employed.

It is also intended that the  ISO 31000:2009 can  be utilized in order to harmonize risk management processes in the existing and future standards. It also  provides a common approach in the  support of standards for dealing with the  specific risks and/or sectors, and it also does not replace those standards.

However it is not intended for the purpose of certification.

ISO registration can be applied for here.