ISO 31000:2009, Risk management – Principles and guidelines, provides principles, framework and a process for managing risk. It can be used by any organization regardless of its size, activity or sector. Using ISO 31000 can help organizations increase the likelihood of achieving objectives, improve the identification of opportunities and threats and effectively allocate and use resources for risk treatment.
However, ISO 31000 cannot be used for certification purposes, but does provide guidance for internal or external audit programmes. Organizations using it can compare their risk management practices with an internationally recognised benchmark, providing sound principles for effective management and corporate governance.
ISO 31000 was published as a standard on the 13th of November 2009, and provides a standard on the implementation of risk management. A revised and harmonised ISO/IEC Guide 73 was published at the same time. The purpose of ISO 31000:2009 is to be applicable and adaptable for "any public, private or community enterprise, association, group or individual. Accordingly, the general scope of ISO 31000 - as a family of risk management standards - is not developed for a particular industry group, management system or subject matter field in mind, rather to provide best practice structure and guidance to all operations concerned with risk management.
ISO 31000:2009 gives a list in order of preference on how to deal with risk :
Avoiding the risk by deciding not to start or continue with the activity that gives rise to the risk
Accepting or increasing the risk in order to pursue an opportunity
Removing the risk source
Changing the likelihood
Changing the consequences
Sharing the risk with another party or parties(including contracts and risk ﬁnancing)
Retaining the risk by informed decision
It is the latest standard
Any organization – large or small, for profit or non-profit, private or public. The standard is conceived in such a way that it is applicable to any size or type of organization
DRIVERS FOR CERTIFICATION
International Standards are strategic tools and guidelines to help companies tackle some of the most demanding challenges of modern business. They ensure that business operations are as efficient as possible, increase productivity and help companies access new markets.
Benefits include :
Cost savings - International Standards help optimise operations and therefore improve the bottom line
Enhanced customer satisfaction - International Standards help improve quality, enhance customer satisfaction and increase sales
Access to new markets - International Standards help prevent trade barriers and open up global markets
Increased market share - International Standards help increase productivity and competitive advantage
Environmental benefits - International Standards help reduce negative impacts on the environment