08/30182164 DC : DRAFT MAY 2008
Current
The latest, up-to-date edition.
BS ISO 31000 - RISK MANAGEMENT - PRINCIPLES AND GUIDELINES ON IMPLEMENTATION
23-11-2012
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Principles for managing risk
5 Framework for managing risk
5.1 General
5.2 Mandate and commitment
5.3 Design of framework for managing risk
5.3.1 Understanding the organization and its context
5.3.2 Risk management policy
5.3.3 Integration into organizational processes
5.3.4 Accountability
5.3.5 Resources
5.3.6 Establishing internal communication and
reporting mechanisms
5.3.7 Establishing external communication and
reporting mechanisms
5.4 Implementing risk management
5.4.1 Implementing the framework for managing risk
5.4.2 Implementing the risk management process
5.5 Monitoring and review of the framework
5.6 Continual improvement of the framework
6 Process for managing risk
6.1 General
6.2 Communication and consultation
6.3 Establishing the context
6.3.1 General
6.3.2 Establishing the external context
6.3.3 Establishing the internal context
6.3.4 Establishing the context of the risk management
process
6.3.5 Developing risk criteria
6.4 Risk assessment
6.4.1 General
6.4.2 Risk identification
6.4.3 Risk analysis
6.4.4 Risk evaluation
6.5 Risk treatment
6.5.1 General
6.5.2 Selection of risk treatment options
6.5.3 Preparing and implementing risk treatment plans
6.6 Monitoring and review
6.7 Recording the risk management process
Annex A (Informative) - Attributes of enhanced risk management
A.1 General
A.2 Attributes
Bibliography
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.