The International Organization for Standardization | 2009

The International Organization for Standardization (ISO) in Genève started in 2005 the development of a guidance standard on risk management. An ISO working group was established to develop a Committee Draft called ISO CD31000. The standard “gives generic guidelines for the principles and the adequate implementation of risk management. It is not intended to be used for the purposes of certification.”

ISO 31000 seeks to provide a universally recognized paradigm for practitioners and companies employing risk management processes to replace the myriad of existing standards, methodologies and paradigms that differed between industries, subject matters and regions. For this purpose, the recommendations provided in ISO 31000 can be customised to any organisation and its context.

ISO 31000 is very similar in some respects to ISO 9000 and other broad based international standards. Though it is not certifiable, it is a concise and comprehensive statement which can in practical sense contribute to the awareness and implementation of risk management.