ISO 31000 - Risk management


The purpose of ISO 31000 is to provide principles and generic guidelines on risk management. It is intended to be applicable and adaptable for "any public, private or community enterprise, association, group or individual." Accordingly, the ISO 31000 family of risk management standards is not developed with a particular industry group, management system or subject matter field in mind; rather, it provides best practice structure and guidance to all operations concerned with risk management.


The ISO 31000 family includes:

  • ISO 31000: Principles and Guidelines on Implementation
  • IEC 31010: Risk Management - Risk Assessment Techniques
  • ISO/IEC 73: Risk Management - Vocabulary


ISO 31000 provides generic guidelines for the design, implementation and maintenance of risk management processes throughout an organisation. The scope of this approach to risk management is to enable all strategic, management and operational tasks of an organisation throughout projects, functions, and processes to be aligned to a common set of risk management objectives.

ISO 31000 has been received as a replacement for the AS/NZS 4360 standard on risk management. Whereas the Standards Australia approach provided a process by which risk management could be undertaken, ISO 31000 addresses the entire management system that supports the design, implementation, maintenance and improvement of risk management processes.

Source: International Organization for Standardization (ISO)

QAP © 2010