Organizations use various methods to manage the effect of uncertainty on their objectives. This can include managing risk, detecting and understanding it, and modifying it where necessary.
This Technical Report is intended to assist organizations to enhance the effectiveness of their risk management efforts by aligning them with BS ISO 31000:2009 Risk management - Principles and guidelines.
BS ISO 31000 provides a generic risk management approach that can be applied to all organizations to help achieve their objectives. This guidance is for organizations managing risk through implementing BS ISO 31000. It provides:
- A structured approach for organizations to transition their risk management arrangements in order to be consistent with BS ISO 31000, in a manner tailored to the characteristics of the organization;
- An explanation of the underlying concepts of BS ISO 31000;
- Guidance on aspects of the principles and risk management framework that are described in BS ISO 31000.
It is intended to be used by those within organizations who make decisions that impact on achieving their objectives, including those responsible for governance and those who provide organizations with risk management advice and support services.
It can be used by anyone interested in risk and its management, including teachers, students, legislators and regulators.
It is recommended that the report be read in conjunction with BS ISO 31000. It is applicable to all types and sizes of organization. The core concepts and definitions that are central to understanding BS ISO 31000 are explained in Annex A.
This Technical Report can be used by any public, private or community enterprise, association, group or individual. It is not specific to any industry or sector, or to any particular type of risk, and can be applied to all activities and to all parts of organizations.
- Normative references
- Implementing ISO 31000
- How to implement ISO 31000
- Integration of ISO 31000 into the organization’s management processes
- Continual improvement
- Annex A (informative) Underlying concepts and principles
- Annex B (informative) Application of ISO 31000 principles
- Annex C (informative) How to express mandate and commitment
- Annex D (informative) Monitoring and review
- Annex E (informative) Integrating risk management within a management system