ISO/IEC 31000 - Risk Management
Governance, Risk & Compliance
Risks affecting organizations can have consequences in terms of economic performance and professional reputation, as well as environmental, safety and societal outcomes. Therefore, managing risk effectively helps organizations to perform well in an environment full of uncertainty.
ISO 31000:2009, Risk management – Principles and guidelines, provides principles, framework and a process for managing risk. It can be used by any organization regardless of its size, activity or sector.
Using ISO/IEC 31000 can help organizations increase the likelihood of achieving objectives, improve the identification of opportunities and threats and effectively allocate and use resources for risk treatment.
ISO 31000 cannot be used for certification purposes, but it does provide guidance for internal or external audit programmes. Organizations using it can compare their risk management practices with an internationally recognised benchmark, providing sound principles for effective management and corporate governance.
Creating and synchronizing job hazard analysis, measuring risk levels and designing control measures.
Principles of ISO 31000
- SHOULD CREATE AND PROTECT VALUE
- SHOULD BE PART OF ALL PROCESSES
- SHOULD BE PART OF YOUR DECISION MAKING
- SHOULD BE USED TO HANDLE UNCERTAINTY
- SHOULD BE SYSTEMATIC AND TIMELY
- SHOULD BE BASED ON THE BEST DATA
- SHOULD BE TAILORED TO YOUR ENVIRONMENT
- SHOULD CONSIDER HUMAN FACTORS
- SHOULD BE TRANSPARENT AND INCLUSIVE
- SHOULD BE RESPONSIVE AND ITERATIVE