Overview of
          ISO 31000 2009 Risk Management Standard

ISO 31000 2009 is now OBSOLETE. Please see ISO 31000 2018.

The diagram below shows how the three main sections are interrelated
and how each of these three sections are organized. The standard starts by
listing a set of risk management principles. Use these principles to guide the
establishment of your risk management framework. Then use the framework
to guide the establishment of your risk management process. Together these
three sections make up what ISO 31000 calls a risk management architecture.

ISO 31000


Part 3 of ISO 31000 discusses risk management principles. These
principles provide a pragmatic conceptual foundation for the rest of the
standard. Part 3 says that your approach to risk management should be
an integral part of your organizationís processes (especially its decision
making process), should be tailored to its environment, should create and
protect value, and should support and encourage continual improvement.
It also says that your approach should not only be structured, systematic,
and iterative, it should also be dynamic, responsive, and inclusive. In
addition, your approach should not only address the human and cultural
factors that influence the achievement of your organizationís objectives,
it should also deal with the many uncertainties that threaten your
organizationís success.

In general, these risk management principles should influence how
you design and implement your organizationís risk management
framework (Part 4) and process (Part 5).


Part 4 discusses ISOís risk management framework. It starts by
asking you to make risk management part of your organizationís general
management system and to use this risk management framework to support
your risk management process (Part 5). Then, in Part 4.2, it asks you to make
a commitment to risk management by establishing a risk management policy,
by formulating risk management objectives, and by assigning risk
management responsibilities.

Part 4 is an iterative (cyclical) process. This iterative process starts by
asking you to make a commitment to risk management. It then asks you to
design, implement, monitor, and improve your risk management framework,
and to do it in that order. Repeat this iterative process whenever you need
to change your risk management policy, modify your risk management
objectives, or improve your framework.


Part 5 explains how to apply a risk management process. It starts by
asking you to make risk management an integral part of your organizationís
management approach. It then emphasizes the need to communicate and
consult with both external and internal stakeholders and to continuously
monitor and review your organizationís risk management process.

The risk management process itself starts by establishing your
organizationís unique context. Once you understand both your external
and internal context, youíre ready to carry out your risk assessment process,
which involves identifying, analyzing, and evaluating risks. Once you know
what your risks are, youíre ready to formulate and implement risk treatment
plans. Repeat this process every time you have a risk that needs to be
assessed and controlled.

OUR ISO 31000 2018 PAGES

Introduction to ISO 31000 2018

Outline of ISO 31000 2018 Standard

Overview of ISO 31000 2018 Standard

Plain English Risk Management Definitions

ISO 31000 2018 Translated into Plain English

ISO 31000 2018 Risk Management Audit Tool

Plain English Risk Management Checklist

Our Plain English Approach

Home Page

Our Library

A to Z Index


How to Order

Our Products

Our Prices


Praxiom Research Group Limited        help@praxiom.com        780-461-4514

Updated on August 8, 2018. First published on August 31, 2010.

 Legal Restrictions on the Use of this Page
Thank you for visiting this page. You are, of course, welcome to view our
 material as often as you wish, free of charge. And as long as you keep intact
 all copyright notices, you are also welcome to print or make one copy of this
 page for your own personal, noncommercial, home use. But, you are not
 legally authorized to print or produce additional copies or to copy and paste
 any of our material onto another web site or to republish it in any way.

Copyright © 2010 - 2018 by Praxiom Research Group Limited. All Rights Reserved.

Praxiom Research Group Limited