ISO 31000 books

1 Title/current version of ISO 31000 books
ISO 31000:2009 Standard for Risk Management

2 The basics of ISO 31000 books
ISO 31000:2009 comprises principles, a framework and a process
for the management of risk that is applicable to any type of
organization in the public or private sector.

3 Summary of ISO 31000 books
ISO 31000:2009 provides guidance on the implementation of risk
management. It was first published as a standard in November
2009, and is owned by the International Standards Organization
(ISO). The ISO 31000 family includes:
• ISO 31000:2009 – Principles and Guidelines on
• ISO/IEC 31010:2009 – Risk Management – Risk Assessment
• ISO Guide 73:2009 – Risk Management – Vocabulary

ISO 31000 provides generic guidelines for the design, implementation
and maintenance of risk management processes throughout
an organization. The scope of this approach to risk management is
to enable all strategic, management and operational tasks of an
organization throughout projects, functions, and processes to be
aligned to a common set of risk management objectives.
ISO 31000:2009 comprises three building blocks (see Figure).

The First Building Block, the Risk Management Infrastructure,
states that risk management should contain the following:
• Creates value
• Integral part of organizational processes
• Part of decision-making
• Explicitly addresses uncertainty
• Systematic, structured and timely
• Based on the best available information
• Tailored to the organization
• Takes human and cultural factors into account
• Transparent and inclusive
• Dynamic, iterative and responsive to change
• Facilitates continual improvement of the organization

The Second Building Block, the Risk Management Framework,
is about creating the right risk framework through management
commitment. Once commitment is established, there is a cycle of
actions that include the following steps:
1. Design
2. Implementation
3. Monitoring and review
4. Continual improvement

The Third Building Block, the Risk Management Process, was
originally adopted from the standard AS/NZS 4360:2004, which
ensures that communication and monitoring are carried out
throughout the process.

4 ISO 31000 books Target audience
Business managers, risk management officers, CIOs, information
security officers.


5 Scope and constraints of ISO 31000 books
ISO 31000:2009 can be applied throughout the life of an
organization, and to a wide range of activities, including
strategies and decisions, operations, processes, functions,
projects, products, services and assets. It can be applied to any
type of risk, whatever its nature, whether having positive or
negative consequences.

ISO 31000:2009 is a concise standard that reflects current
international thinking. This is a very positive development in the
risk management standards landscape. However, a constraint
might be that it still has to prove itself. At the present date, there
are not many actual implementations in organizations.

6 Relevant website of ISO 31000 books
