ISO 31000:2018(en)Risk management — Guidelines
Organizations of all types and sizes face external and internal factors and influences that make it uncertain whether they will achieve their objectives.
Managing risk is iterative and assists organizations in setting strategy, achieving objectives and making informed decisions. Managing risk is part of governance and leadership, and is fundamental to how the organization is managed at all levels. It contributes to the improvement of management systems. Managing risk is part of all activities associated with an organization and includes interaction with stakeholders. Managing risk considers the external and internal context of the organization, including human behaviour and cultural factors. Managing risk is based on the principles, framework and process outlined in this document, as illustrated in Figure 1. These components might already exist in full or in part within the organization, however, they might need to be adapted or improved so that managing risk is efficient, effective and consistent.
Leave a Reply
You must be logged in to post a comment.