The revision of ISO 31000:2009, Risk management – Principles and guidelines has progressed to Draft International Standard (DIS) stage, with the draft now available for public comment.
ISO 31000 provides guidelines on the benefits and values of effective and efficient risk management and aims to help organizations to better understand and address uncertainties.
The revision seeks to simplify the standard using simple language to make risk management easy to understand. To do so, the terminology of ISO 31000 has been reduced to simple concepts and some terms have been moved to ISO Guide 73, Risk management – Vocabulary, which deals specifically with risk management terminology. This is intended to be read alongside ISO 31000.
Jason Brown, chair of ISO technical committee ISO/TC 262, Risk management, that developed the standard said, “The message our group would like to pass on to the reader of the DIS is to critically assess if the current draft can provide the guidance required while remaining relevant to all organizations in all countries.
“It is important to keep in mind that we are not drafting an American or European standard, a public or financial services standard, but much rather a generic international standard,” Brown said.
The draft also includes improvements such as the importance of human and cultural factors in achieving an organization’s objectives and an emphasis on ingraining risk management in the decision-making process. Despite these changes, the overall message of ISO 31000 of integrating the management of risk into a strategic and operational management system remains the same.
The next step in the process is to finalize the revision work to reach the Final Draft International Standard stage. The finalized version of ISO 31000 is expected to be published by the end of the year or early 2018.