Overview of ISO 31000 2009 Risk Management
          Standard

The diagram below shows how the three main sections are interrelated
and how each of these three sections are organized. The standard starts by
listing a set of risk management principles. Use these principles to guide the
establishment of your risk management framework. Then use the framework
to guide the establishment of your risk management process. Together these
three sections make up what ISO 31000 calls a risk management architecture.

ISO 31000
                  Architecture 

OVERVIEW OF PART 3: RISK MANAGEMENT PRINCIPLES

Part 3 of ISO 31000 discusses risk management principles. These
principles provide a pragmatic conceptual foundation for the rest of the
standard. Part 3 says that your approach to risk management should be
an integral part of your organizationís processes (especially its decision
making process), should be tailored to its environment, should create and
protect value, and should support and encourage continual improvement.
It also says that your approach should not only be structured, systematic,
and iterative, it should also be dynamic, responsive, and inclusive. In
addition, your approach should not only address the human and cultural
factors that influence the achievement of your organizationís objectives,
it should also deal with the many uncertainties that threaten your
organizationís success.

In general, these risk management principles should influence how
you design and implement your organizationís risk management
framework (Part 4) and process (Part 5).

OVERVIEW OF PART 4: RISK MANAGEMENT FRAMEWORK

Part 4 discusses ISOís risk management framework. It starts by
asking you to make risk management part of your organizationís general
management system and to use this risk management framework to support
your risk management process (Part 5). Then, in Part 4.2, it asks you to make
a commitment to risk management by establishing a risk management policy,
by formulating risk management objectives, and by assigning risk
management responsibilities.

Part 4 is an iterative (cyclical) process. This iterative process starts by
asking you to make a commitment to risk management. It then asks you to
design, implement, monitor, and improve your risk management framework,
and to do it in that order. Repeat this iterative process whenever you need
to change your risk management policy, modify your risk management
objectives, or improve your framework.

OVERVIEW OF PART 5: RISK MANAGEMENT PROCESS

Part 5 explains how to apply a risk management process. It starts by
asking you to make risk management an integral part of your organizationís
management approach. It then emphasizes the need to communicate and
consult with both external and internal stakeholders and to continuously
monitor and review your organizationís risk management process.

The risk management process itself starts by establishing your
organizationís unique context. Once you understand both your external
and internal context, youíre ready to carry out your risk assessment process,
which involves identifying, analyzing, and evaluating risks. Once you know
what your risks are, youíre ready to formulate and implement risk treatment
plans. Repeat this process every time you have a risk that needs to be
assessed and controlled.


OTHER ISO 31000 PAGES

Introduction to ISO 31000 2009

Plain English Risk Management Definitions

ISO 31000 Standard Translated into Plain English

ISO 31000 Risk Management Audit Program

Plain English Risk Management Checklist

Our Plain English Approach


Home Page

Our Libraries

A to Z Index

Customers

How to Order

Our Products

Our Prices

Guarantee

Praxiom Research Group Limited        help@praxiom.com        780-461-4514

Updated on September 17, 2016. First published on August 31, 2010.

 Legal Restrictions on the Use of this Page
Thank you for visiting this page. You are, of course, welcome to view our
 material as often as you wish, free of charge. And as long as you keep intact
 all copyright notices, you are also welcome to print or make one copy of this
 page for your own personal, noncommercial, home use. But, you are not
 legally authorized to print or produce additional copies or to copy and paste
 any of our material onto another web site or to republish it in any way.

Copyright © 2010 - 2016 by Praxiom Research Group Limited. All Rights Reserved.

Praxiom Research Group Limited