- ISO 31000 is for use by people who create and protect value in organizations
- Organizations of all types and sizes face external and internal factors and influences that make it uncertain whether they will achieve their objectives
- Managing risk is iterative and assists organizations in achieving their objectives
- Managing risk is part of governance and leadership
- Managing risk is part of all activities associated with an organization and includes interaction with stakeholders.
- Managing risk considers the external and internal context of the organization, including human behaviour and cultural factors.
- Managing risk is based on the principles, framework and process outlined in this standard.
Recent Comments