RISK MANAGEMENT SYSTEM IMPLEMENTATION ISO 31000
- January 24, 2024
- Posted by: co_admin
- Category: Training
All types and sizes of organizations face internal and external factors and influences that make it uncertain whether and when they will achieve their objectives. The effect this uncertainty has on an organization’s objectives is risk.
Risk is involved in any activity of an organization. ISO 31000: 2009 describes a systematic and logical process, during which organizations manage risk by identifying it, analyzing and then evaluating whether the risk should be modified by risk treatment in order to satisfy their risk criteria.
Risk management can be applied to an entire organization, at its many areas and levels, at any time, as well as to specific functions, projects and activities.
ISO 31000 provides principles and generic guidelines to assist organizations in establishing, implementing, operating, maintaining and continually improving their risk management framework.
It is not specific to any industry or sector, so it can be used by any public, private or community enterprise, association, group or individual. This standard can be applied throughout the life of an organization, and to a wide range of activities, including strategies and decisions, operations, processes, functions, projects, products, services and assets