ISO 31000 - Risk management

Risks affecting organizations can have consequences in terms of economic performance and professional reputation, as well as environmental, safety and societal outcomes. Therefore, managing risk effectively helps organizations to perform well in an environment full of uncertainty.

ISO 31000:2009

ISO 31000:2009, Risk management – Principles and guidelines, provides principles, framework and a process for managing risk. It can be used by any organization regardless of its size, activity or sector. Using ISO 31000 can help organizations increase the likelihood of achieving objectives, improve the identification of opportunities and threats and effectively allocate and use resources for risk treatment.
However, ISO 31000 cannot be used for certification purposes, but does provide guidance for internal or external audit programmes. Organizations using it can compare their risk management practices with an internationally recognised benchmark, providing sound principles for effective management and corporate governance.

Related Standards

A number of other standards also relate to risk management.

ISO Store

Visit the ISO Store to buy more standards

Cover of ISO 31000 - Risk management

ISO 31000 Risk management - a practical guide for SMEs

Indepth guidance for SMEs looking to improve their risk management practices.

Useful articles

ISO tackles early warning system for landslides

by Elizabeth Gasiorowski-Denis

A landslide often causes high material damage with corresponding costs or even personal injury and death. Now, new work on early warning systems started by ISO will help warn populations in disaster prone areas of the risks and actions needed in the likelihood of a landslide.

Read the full entry

Make resilience the key to a prosperous future

by Clare Naden

We live in a world of uncertainty and instability, and where the rate of change is accelerating at speeds never seen before. At today’s rate of change, the 21st century will see 20,000 years of progress, which will be a thousand times more than in the century before. So how can organizations keep up? Resilience is the key, and a new standard in development aimed at helping organizations be resilient has just reached a crucial stage.

Read the full entry

New handbook helps SMEs better manage risks

by Katie Bird

Evidence reveals that only half of all small and medium-sized enterprises (SMEs) make it beyond their fifth year, suggesting that running a successful business requires managing risks effectively. Making a commitment to better understand and manage risk is therefore key to helping SMEs survive and grow sustainably.

Read the full entry


Mainstreaming disaster management

Disasters often strike without warning and leave a trail of destruction in their wake. Yet armed with the right tools, the chances of getting through the toughest circumstances are improved. Here, we look at some of the deadly hazards we've been exposed to, and how standards can help us to prepare for, and react in, many of life's most unpredictable scenarios.

The revision of ISO 31000 on risk management has started

Reducing, anticipating and managing risk are all part of the daily grind for organizations that have integrated risk management into their business strategy. That's why they often turn to ISO 31000 on risk management to support themselves in this task.