Long awaited ISO 31000 is released

The long awaited update to ISO 31000 has just been released. Chair of the ISO technical committee, Jason Brown, says the revised version of ISO 31000 focuses on the integration with the organisation and the role of leaders and their responsibility. “Risk practitioners are often at the margins of organisational management and this emphasis will help them demonstrate that risk management is an integral part of business,” he explains.

Designed to deliver a clearer, shorter and more concise guide to risk management principles, the following key changes have been made since the previous edition:

1. Review of the principles of risk management, which are the key criteria for its success

2. Focus on leadership by top management, which should ensure that risk management is integrated into all organisational activities, starting with governance

3. Greater emphasis on the iterative nature of risk management, drawing on new experiences, knowledge and analysis for the revision of process elements, actions and controls at each stage of the process

4. Streamlining of content with greater focus on sustaining an open systems model that regularly exchanges feedback with its external environment to fit multiple needs and contexts

This is intended to include strategy and planning, organisational resilience, IT, corporate governance, HR, compliance, quality, health and safety, business continuity, crisis management and security.

“ISO 31000 provides a risk management framework that supports all activities, including decision making across all levels of the organisation. The ISO 31000 framework and its processes should be integrated with management systems to ensure consistency and the effectiveness of management control across all areas of the organisation,” Brown added.
