From business interruption and financial volatility to operational and strategic challenges, no company is immune. While it is impossible to eliminate these risks, managing them is essential. That’s what the ISO 31000:2009 Risk Management Principles and Guidelines are all about.
These guidelines, which are issued by the International Organization for Standardization (ISO) and developed with participation from 30 countries, propose a new global standard for risk management. The aim is to establish a consistent risk management framework that can be integrated across various industries and regions and adopted by any organization - including public, private, not-for-profit and government organizations.
Rather than simply proposing a process for risk management activities (as do ASNZ 4360 and COSO Enterprise Risk Management - Integrated Framework), ISO 31000:2009 addresses the entire management system - from design, implementation and maintenance to the improvement of risk management processes. And while its adoption is not mandatory, businesses interested in strengthening their risk management practices should seriously consider adding elements of this new framework into their existing processes.
The Benefits:
ISO 31000 benefits include:
- Provides principles and generic guidelines on risk management.
- Provides generic guidelines, it is not intended to promote uniformity of risk management across organizations.
- It is intended that ISO 31000 be utilized to harmonize risk management processes in existing and future standards.
- It provides a common approach in support of standards dealing with specific risks and/or sectors, and does not replace those standards.
