ISO 31000 Risk management

Courtesy: ISO 31000 Risk management

ISO 31000 is a family of standards relating to risk management codified by the International Organization for Standardization. ISO 31000:2018 provides principles and generic guidelines on managing risks faced by organizations.

ISO 31000 seeks to provide a universally recognized paradigm for practitioners and companies employing risk management processes, replacing the myriad of existing standards, methodologies and paradigms that differed between industries, subject matters and regions. For this purpose, the recommendations provided in ISO 31000 can be customized to any organization and its context.

As of 2020, ISO/TC 262, the committee responsible for this family of standards, has published five standards, while four additional standards are in the proposal/development stages.

  • ISO 31000:2018 – Risk management – Guidelines
  • ISO/TR 31004:2013 – Risk management – Guidance for the implementation of ISO 31000
  • IEC 31010:2019 – Risk management – Risk assessment techniques
  • ISO 31022:2020 – Risk management – Guidelines for the management of legal risk
  • ISO 31030:2021 – Travel risk management – Guidance for organizations
  • IWA 31:2020 – Risk management – Guidelines on using ISO 31000 in management systems

Standards under development:

  • ISO/AWI 31073 – Risk management – Vocabulary
  • ISO/WD 31050 – Guidance for managing emerging risks to enhance resilience
  • ISO/CD 31070 – Risk management – Guidelines on core concepts

ISO 31000 was published as a standard on 13 November 2009, and provides a standard on the implementation of risk management. A revised and harmonized ISO/IEC Guide 73 was published at the same time. The purpose of ISO 31000:2009 is to be applicable and adaptable for “any public, private or community enterprise, association, group or individual.” Accordingly, the general scope of ISO 31000, as a family of risk management standards, is not developed with a particular industry group, management system or subject matter field in mind, but rather to provide best practice structure and guidance to all operations concerned with risk management. It began the process for its first revision on May 13, 2015. A Draft International Standard (DIS), which was open for public comment, was published on February 17, 2017. ISO 31000 has been criticized for a lack of solidness and for misleading language.

An update to ISO 31000 was added in early 2018. The update is different in that “ISO 31000:2018 provides more strategic guidance than ISO 31000:2009 and places more emphasis on both the involvement of senior management and the integration of risk management into the organization