Certifications

ISO 31000:2018

Risk Management System

ISO 31000:2018 provides guidelines on managing risk faced by organizations. ISO 31000 is a family of standards relating to risk management codified by the International Organization for Standardization. ISO 31000 was originally published in 2009 and an updated version was published in February 2018. However, the overall purpose of ISO 31000 remains the same – integrating the management of risk into a strategic and operational management system. ISO 31000:2018 provides a set of principles, guidelines for the design, implementation of a risk management framework and recommendations for the application of a risk management process. ISO 31000:2018 provides principles and generic guidelines on managing risks faced by organizations. The application of these guidelines can be customized to any organization and its context. ISO 31000:2018 provides a common approach to managing any type of risk and is not industry or sector specific. ISO 31000:2018 can be used throughout the life of the organization and can be applied to any activity, including decision-making at all levels. In addition to addressing operational continuity, ISO 31000 provides a level of reassurance in terms of economic resilience, professional reputation and environmental and safety outcomes. In a world of uncertainty, ISO 31000 is tailor-made for any organization seeking clear guidance on risk management. Using ISO 31000 can help organizations increase the likelihood of achieving objectives, improve the identification of opportunities and threats and effectively allocate and use resources for risk treatment. However, ISO 31000 cannot be used for certification purposes, but does provide guidance for internal or external audit programmes. Organizations using it can compare their risk management practices with an internationally recognized benchmark, providing sound principles for effective management and corporate governance.