ISO 31000:2009 – Risk Management
Principles and Guidelines
The purpose of ISO 31000 family of standard is to provide principles and generic guidelines on risk management. Internal and external factors of uncertainty plays an important role for organizations of all types and sizes in whether and when they will achieve their objectives. The effect this uncertainty has on an organization’s objectives is “risk”.
Why ISO 31000?
- Increases the likelihood of achieving objectives;
- Encourages proactive management;
- Be aware of the need to identify and treat risk throughout the organization;
- Improves the identification of opportunities and threats;
- Complies with relevant legal and regulatory requirements and international norms;
- Improves mandatory and voluntary reporting;
- Improves governance;
- Improves stakeholder confidence and trust;
- Establishes a reliable basis for decision making and planning;
- Improves controls;
- Effectively allocates and uses resources for risk treatment;
- Improves operational effectiveness and efficiency;
- Enhances health and safety performance, as well as environmental protection;
- Improves loss prevention and incident management;
- Minimizes losses;
- Improves organizational learning; and
- Improves organizational resilience.
Steps Involved in Implementation
The certification of your quality management system takes place in the following steps. Our experts will be at your disposal during the whole process as competent contacts.
- Preliminary audit (optional)
- GAP Analysis (optional)
- Certification audit: Examination of your documentation and a demonstration of the practical application
- Issue of certification
- Annual surveillance audit
- Re-certification before the end of three years