Module 4: Core Elements of the Risk Management Process Part 3

Transcript: Risk Management Standards

Risk management standards are followed as part of a risk management plan and established as a set of best practices. The International Organization for Standards (ISO) are an example of risk management standards. These promote best practices among organizations. Risk managers may implement these standards at the beginning of the risk management process as guidance in the development of the risk management plan or as part of the continuous improvement process. The ISO are developed from the input of risk managers who represent 28 countries.

The ISO 31000 risk management standards framework includes:

• ISO 31000:2009 – Principles and Guidelines on Implementation
• ISO/IEC 31010:2009 – Risk Management – Risk Assessment Techniques
• ISO Guide 73:2009 – Risk Management – Vocabulary

(Cowan, 2013, p. 4)

"The ISO, the international body charged with achieving standardization, set out to achieve consistency and reliability in risk management by creating standards that would be applicable to all forms of risk:

• One vocabulary;
• A set of performance criteria;
• One, common overarching process for identifying, analyzing, evaluating, and treating risks, and
• Guidance on how that process should be integrated into the decision-making processes of any organization" (Purdy, 2010, p. 881).

By 2015, ISO 31000 was adopted in the United States and 56 other countries as the standard for risk management. "ISO 31000 is broadly accepted by public and private companies, governments, nonprofits, and charitable organizations" (Gjerdrum, 2016, p. 1).

© 2018 American College of Education