ISO 31000:2009 - Risk Management Principles and Guidelines
ISO 31000 is intended to be a family of standards relating to risk management codified by the International Organization for Standardization. The purpose of ISO 31000:2009 is to provide principles and generic guidelines on risk management. ISO 31000 seeks to provide a universally recognised paradigm for practitioners and companies employing risk management processes to replace the myriad of existing standards, methodologies and paradigms that differed between industries, subject matters and regions.
ISO 31000 was published as a standard on the 13th of November 2009, and provides a standard on the implementation of risk management. A revised and harmonized ISO/IEC Guide 73 was published at the same time. The purpose of ISO 31000:2009 is to be applicable and adaptable for "any public, private or community enterprise, association, group or individual." Accordingly, the general scope of ISO 31000, as a family of risk management standards, is not developed with a particular industry group, management system or subject matter field in mind, but rather to provide best practice structure and guidance to all operations concerned with risk management.
ISO 31000:2009 provides generic guidelines for the design, implementation and maintenance of risk management processes throughout an organization. This approach to formalizing risk management practices will facilitate broader adoption by companies who require an enterprise risk management standard that accommodates multiple ‘silo-centric’ management systems.
ISO 31000 Framework approach
ISO 31000:2009 has been received as a replacement for the existing standard on risk management, AS/NZS 4360:2004 (in the form of AS/NZS ISO 31000:2009). Whereas the Standards Australia approach provided a process by which risk management could be undertaken, ISO 31000:2009 addresses the entire management system that supports the design, implementation, maintenance and improvement of risk management processes.
The intent of ISO 31000 is to be applied within existing management systems to formalize and improve risk management processes, as opposed to wholesale substitution of legacy management practices. Consequently, when implementing ISO 31000, attention is to be given to integrating existing risk management processes into the new paradigm addressed in the standard.
Most implications of adopting the new standard concern the re-engineering of existing management practices to conform with the documentation, communication and socialization of the new risk management operating paradigm, as opposed to wholesale re-orientation of management practice throughout an organization. Accordingly, most senior position holders in an enterprise risk management organization will need to be cognizant of the implications of adopting the standard and be able to develop effective strategies for implementing the standard across supply chains and commercial operations.
ISO 31000 has not been developed with the intention of certification.
Why Quality Foundation – Kolkata
Consultants of Quality Foundation follow a structured approach (process flow diagram for system development) for developing ISO 31000:2009 – Risk Management – Principles and guidelines, Requirements through consultancy and training services, involving all concerned personnel, thereby developing competence in applying the standard within the existing management standards and continually reducing risk and its impacts in an organization.
Services offered towards – ISO 31000:2009 - Risk Management – Principles and guidelines
For more information about this service, contact our friendly team today on 09831350433. We will be pleased to help you.
To purchase the standards, please go to the site below: