ISO 31000:2009 Risk management - Principles and guidelines

International Organization for Standardization. — 2009. — Austrian Standards Institute. — 2010. — 38 p.Standard provides principles and generic guidelines on risk management.
Standard can be used by any public, private or community enterprise, association, group or individual. Therefore, standard is not specific to any industry or sector.
Standard can be applied throughout the life of an organization, and to a wide range of activities, including strategies and decisions, operations, processes, functions, projects, products, services and assets.
Standard can be applied to any type of risk, whatever its nature, whether having positive or negative consequences.
Although standard provides generic guidelines, it is not intended to promote uniformity of risk management across organizations. The design and implementation of risk management plans and frameworks will need to take into account the varying needs of a specific organization, its particular objectives, context, structure, operations, processes, functions, projects, products, services, or assets and specific practices employed.
It is intended that standard be utilized to harmonize risk management processes in existing and future standards. It provides a common approach in support of standards dealing with specific risks and/or sectors, and does not replace those standards.
Standard is not intended for the purpose of certification.
ICS : 03.100.01 Company organization and management in general