New ISO standard guides effective risk management

by jbs112309 e3 — November 27, 2009

A new International Standard, ISO 31000:2009, Risk management—Principles and guidelines, will help organizations of all types and sizes to manage risk effectively. ISO 31000 provides principles, framework and a process for managing any form of risk in a transparent, systematic and credible manner within any scope or context.

At the same time, ISO is publishing ISO Guide 73:2009, Risk management vocabulary, which complements ISO 31000 by providing a collection of terms and definitions relating to the management of risk.

Kevin W. Knight AM, Chair of the ISO Working Group on Risk Management, explains, “All organizations, no matter how big or small, face internal and external factors that create uncertainty on whether they will be able to achieve their objectives. The effect of this uncertainty is ‘risk’ and it is inherent in all activities.

“ISO 31000 is a practical document that seeks to assist organizations in developing their own approach to the management of risk,” continues Mr. Knight. “But this is not a standard that organizations can seek certification to. By implementing ISO 31000, organizations can compare their risk management practices with an internationally recognized benchmark, providing sound principles for effective management.”

Based significantly on the groundbreaking 2004 edition of the Australian/New Zealand Risk Management Standard, ISO 31000 recommends that organizations develop, implement and continuously improve a risk management framework as an integral component of their management system.

ISO 31000 is designed to help organizations: improve the identification of opportunities and threats; improve operational effectiveness and efficiency; enhance health and safety performance, as well as environmental protection; and improve loss prevention and incident management, among other objectives.