ISO 31000:2009 Preview

Risk management -- Principles and guidelines

ISO 31000:2009 provides principles and generic guidelines on risk management.

ISO 31000:2009 can be used by any public, private or community enterprise, association, group or individual. Therefore, ISO 31000:2009 is not specific to any industry or sector.

ISO 31000:2009 can be applied throughout the life of an organization, and to a wide range of activities, including strategies and decisions, operations, processes, functions, projects, products, services and assets.

ISO 31000:2009 can be applied to any type of risk, whatever its nature, whether having positive or negative consequences.

Although ISO 31000:2009 provides generic guidelines, it is not intended to promote uniformity of risk management across organizations. The design and implementation of risk management plans and frameworks will need to take into account the varying needs of a specific organization, its particular objectives, context, structure, operations, processes, functions, projects, products, services, or assets and specific practices employed.

It is intended that ISO 31000:2009 be utilized to harmonize risk management processes in existing and future standards. It provides a common approach in support of standards dealing with specific risks and/or sectors, and does not replace those standards.

ISO 31000:2009 is not intended for the purpose of certification.


General information

  • Current status : Published
    Publication date : 2009-11
  • Edition : 1
    Number of pages : 24
  • :
    ISO/TC 262
    Risk management
  • 03.100.01
    Company organization and management in general

Buy this standard

Format Language
PDF + ePub
Paper
PDF
  • CHF118

Got a question?

Check out our FAQs


Customer care
+41 22 749 08 88

Opening hours:
Monday to Friday - 09:00-12:00, 14:00-17:00 (UTC+1)

Related links

Life cycle

A standard is reviewed every 5 years



Revisions / Corrigenda

You may be interested in:

http://www.iso.org/standard/
By Katie Bird on
New handbook helps SMEs better manage risks
Evidence reveals that only half of all small and medium-sized enterprises (SMEs) make it beyond their fifth year, suggesting that running a successful business requires managing risks effectively. Making a commitment to better understand and manage risk is therefore key to helping SMEs survive and grow...
By Sandrine Tranchard on
The revision of ISO 31000 on risk management has started
Reducing, anticipating and managing risk are all part of the daily grind for organizations that have integrated risk management into their business strategy. That’s why they often turn to ISO 31000 on risk management to support themselves in this task.
http://www.iso.org/standard/
Get more from your investments with our new IT management collection
Looking to get maximum value from your IT investments? Or to protect your information and IT services against risks? It might just be easier than you think with our much anticipated collection selected for CIO's, IT managers and those who work with them.
http://www.iso.org/standard/
Are you in control of your records?
Business information, once totally paper-based, is now distributed in millions of digital records and e-mails that make up an organization's data. Companies spend a tremendous amount of time and money managing business databases and other corporate records so they can control their activities, improve...
http://www.iso.org/standard/
By Maria Lazarte on
Help at hand for risk management with ISO/TR 31004
After the success of ISO 31000 on the management of risk, a new technical report joins the family. The new ISO/TR 31004:2013, Risk management - Guidance for the implementation of ISO 31000, will help organizations smoothly align their risk management practices to ISO 31000.

Keep up to date with ISO

Sign up to our newsletter for the latest news, views and product information