ISO 31000:2018 Risk management – Principles and Guidelines

ISO 31000 helps organizations develop a risk management strategy to effectively identify and mitigate risks, thereby enhancing the likelihood of achieving their objectives and increasing the protection of their assets. Its overarching goal is to develop a risk management culture where employees and stakeholders are aware of the importance of monitoring and managing risk.

Risk is a necessary part of doing business, and in a world where enormous amounts of data are being processed at increasingly rapid rates, identifying and mitigating risks is a challenge for any company. In order to keep ISO 31000 relevant in the changing environment the technical committee created a revision. This new version is available from the middle of February 2018. 

Each section of the standard was reviewed in the spirit of clarity, using simpler language to facilitate understanding and make it accessible to all stakeholders. The 2018 version places a greater focus on creating and protecting value as the key driver of risk management and features other related principles such as continual improvement, the inclusion of stakeholders, being customized to the organization and consideration of human and cultural factors.