ISO 31000 offers companies and other organizations guidelines to integrate risk-aware decision making into their governance, planning, reporting, policies, values and culture. It’s an open, principle-based system that makes the standard apt for any context. The international standard is both intended for risk management on corporate level and the management of strategic and operational risks in the daily operations or projects.
ISO 31000 was revised in 2018, almost 10 years after its first publication in 2009. Because of that revision, the standard is now completely in line with the current market situation and takes new challenges for organizations into account. Some examples: the increasing complexity of economic systems and emerging risks, such as digital currencies and cyber criminality.
Important: the concept of risk management (and risk assessment), as described in ISO 31000, was important input for the new generation of risk-based management standards, such as ISO 9001 (quality management), ISO 14001 (environmental management) and ISO 45001 (occupational health and safety).