BS 31100:2008 (Paperback) - Code of practice for risk management – BSI British Standards
Maintenance will be taking place for BSI Shop on Saturday 30th January 2021 between 08:00 AM and 14:00 PM UK time. During this period, BSI Shop will be unavailable or may have limited functionality. Please do not make any purchases during these works. Please accept our apologies for any inconvenience caused during this essential maintenance.

BS 31100:2008 (Paperback)

Code of practice for risk management

Status : Withdrawn   Published : October 2008

*To ask about withdrawn titles contact the
Customer Relations, +44 345 086 9001

This standard has now been revised by the latest edition, BS 31100:2011

BS 31100 is a key standard for risk management. It gives you an understanding on how to develop, implement and maintain effective risk management within your business. Using BS 31100 effectively can help you increase your company's effectiveness.

Organizations of all types and sizes face a range of risks affecting the achievement of their objectives. While “risk” is normally regarded as negative, risk management is as much about exploiting potential opportunities as preventing potential problems. It is important to bear this in mind whenever managing risk, and in reading this standard. Risk management is an essential part of good management.

Effective risk management help you achieve your objectives by:

a) Reducing the likelihood of events that would have a negative impact on your business
b) Increasing the likelihood of events that would have a positive impact on your business
c) Identifying opportunities where taking risks might benefit your business
d) Improving accountability, decision making, transparency and visibility
e) Identifying, understanding and managing multiple and cross-organization risks
f) Executing change more effectively and efficiently and improving project management
g) Providing better understanding of, and compliance with, relevant governance, legal and regulatory requirements, and corporate social responsibility and ethical requirements
h) Protecting your revenue and enhancing value for money
i) Protecting your reputation and stakeholder confidence
j) Proactively managing your organization’s operations
k) Controlling expenditure and delivering a cost-optimal control environment
l) Retaining and developing customers by being more flexible and responsive to their needs.

The benefits of good risk management (and the consequences of poor risk management) will be felt by you, your staff, shareholders, customers and other stakeholders.

BS 31100 provides recommendations for the framework, process and implementation of risk management and should be used for:

  • Ensuring that your business achieves its objectives
  • Ensuring risks are proactively managed in specific areas or activities
  • Overseeing risk management in your company
  • Providing assurance on your risk management strategy
  • Reporting to stakeholders, e.g. through annual financial statements, corporate governance reports or corporate social responsibility reports.

BS 31100 establishes the principles and terminology for risk management. It also gives recommendations for the model, framework, process and implementation of risk management gained from experience and good practice.

This key standard for risk management is useful to CEOs, CFOs, CROs, CIOs, COOs and CTOs; chairmen and company secretaries; managing, IT and finance directors; risk, insurance, claims and business continuity managers; information security specialists; underwriters;  Health and Safety officers; and heads of legal affairs.

Risk management principles
Risk management framework
Risk management process
Developing risk management activities
Annex A (informative) risk categories
Annex B (informative) risk management tools
Annex C (informative) Effects of controls
Annex D (informative) risk maturity models
Annex E (normative) incorporating potentially positive consequences of risk
List of figures
Figure 1 – risk management perspectives
Figure 2 – risk management model
Figure 3 – risk management framework
Figure 4 – the risk management process
List of tables
Table B.1 – Examples of risk management tools (including techniques)

See frequently asked questions about BS ISO 31000 and BS 31100


Standard NumberBS 31100:2008 (Paperback)
TitleCode of practice for risk management
Publication Date31 October 2008
Withdrawn Date31 July 2012
Normative References(Required to achieve compliance to this standard)No other standards are normatively referenced
Informative References(Provided for Information)No other standards are informatively referenced
ISBN978 0 580 57434 4
File Size0 KB

*To ask about withdrawn titles contact the
Customer Relations, +44 345 086 9001
 Your basket
Your basket is empty

Multi-user access to over 3,500 medical device standards, regulations, expert commentaries and other documents

Develop a PAS

Develop a fast-track standardization document in 9-12 months

Tracked Changes

Understand the changes made to a standard with our new Tracked Changes version

Worldwide Standards
We can source any standard from anywhere in the world

Customers who bought this product also bought