ISO Releases Revised ISO 31000 Risk Management Guidelines
ISO 31000:2018 is a shorter and clearer guide to help organizations improve planning and decision-making through the use of risk management principles.
The International Organization for Standardization has published its newly revised version of ISO 31000, Risk management – Guidelines. ISO 31000:2018 is a shorter and clearer guide to help organizations improve planning and decision-making through the use of risk management principles.
"The revised version of ISO 31000 focuses on the integration with the organization and the role of leaders and their responsibility," said Jason Brown, chair of technical committee ISO/TC 262 on risk management that developed the revised standard. "Risk practitioners are often at the margins of organizational management and this emphasis will help them demonstrate that risk management is an integral part of business."
The latest edition was reviewed for clarity and simplicity to make it more accessible. The 2018 version focuses on creating and protecting value as the key driver of risk management. ISO 31000:2018 gives managers the flexibility to adapt these standards to suit the needs and goals of their organization.
The main changes to the standards since the previous edition are as follows:
- Review of the principles of risk management, which are the key criteria for its success
- Focus on leadership by top management who should ensure that risk management is integrated into all organizational activities, starting with the governance of the organization
- Greater emphasis on the iterative nature of risk management, drawing on new experiences, knowledge and analysis for the revision of process elements, actions and controls at each stage of the process
- Streamlining of the content with greater focus on sustaining an open systems model that regularly exchanges feedback with its external environment to fit multiple needs and contexts