Risk Management for SMEs the ISO 31000:2018 way

ISO 31000:2018, a crucial asset in dealing with uncertainties in making decisions

Today, it is crucial for entrepreneurs to deal suitably with the increasing uncertainties that our constantly changing society generates. In that regard, risk is the effect of uncertainty on objectives (definition according to ISO 31000:2018), and this effect can be positive, negative or both. Taking decisions in an uncertain environment can be difficult. The purpose of managing and controlling risk is therefore to help in taking these kinds of decisions and, as a result, to create and maintain value by managing the effects of uncertainty on all of the objectives that matter to you.

ISO 31000:2018, a guideline for risk management

ISO 31000 is the ISO guideline for risk management and it aims to help organisations, managers, entrepreneurs and employees, as much as possible, to make the right decisions. For this purpose, ISO 31000 proposes the following:

  • A vocabulary, so that everyone can understand what is being discussed.
  • A number of principles that are the guiding mental models in risk management.
  • A framework that can be used to embed risk management throughout the organisation.
  • A process that implements risk management at all levels of the organisation.

Together, these four elements form a single entity with which each organisation can develop an integrated approach to risk management and help everyone throughout the organisation to make the right decisions, creating and maintaining value for the organisation and its stakeholders.

ISO 31000:2018 is not specific and encompasses all organisations

ISO 31000 is not directed towards a specific industry or sector. For ISO 31000, the word “organisation” stands for every type of enterprise or institution and encompasses everything from multinationals and government organisations to the smallest micro-enterprise, NGO or non-profit association. In fact, each individual can take advantage of the knowledge found in this ISO standard.

ISO 31000:2018 helps you to innovate

The continuous change of our society necessitates generic innovations, also in an entrepreneurial context. Managing risk is particularly appropriate when innovation is a goal. As such, all techniques used to manage risk are also suitable for innovating. Moreover, innovation techniques are also suitable tools for risk management.

ISO 31000:2018 helps in discovering and dealing with new trends and tendencies

Change also entails new societal tendencies. Gradually, risk management is becoming a requirement in our society (in Germany it is even required by law). Having a risk management system in place is also more and more a requirement if you want to become or remain a supplier or sub-contractor of larger companies. In addition, ISO 31000 helps to notice new trends in society and business in a timely manner, and it assists in addressing the vulnerabilities, opportunities or threats associated with these new trends.

ISO 31000:2018 is a certain way towards CSR and sustainability in your organisation

Risk management is a very certain way of reconciling the short term and the long term when making decisions. Furthermore, it is capable of tackling the problems of sustainability in a fundamental way. Well-understood risk management always leads to sustainable entrepreneurship, because it focuses on the creation and preservation of value. In this regard, it also takes into account, and values, the contribution of stakeholders.

ISO 31000:2018 introduces risk-based thinking in any organisation

ISO 31000 is also the ideal way to embed risk-based thinking in the application of management systems and other ISO standards (e.g. ISO 9001:2015). In addition, it helps organisations to comply in a proper and coherent way with regulations and legislation.

ISO 31000:2018 helps in modernizing your organisation

Risk management is applicable to all aspects of an organization. It is all the more appropriate when objectives change, uncertainty increases or consequences become more important. This is certainly the case when new techniques and technology are introduced or when more digitization is brought to the organisation.

ISO 31000:2018 is a systemic method, as it works through mental models

ISO 31000 is a set of mental models and processes that enables organizations to address the challenges of a changing society in a process-based manner.

Should you want to know more about ISO 31000, check out our training and certification programs!

General Manager at BYAZ
Peter Blokland is the author of 'Total Respect Management' (Lannoo Campus, 2013) and 'Safety and Performance' (NOVA, 2017). In a former life he was a Belgian Air Force pilot, Staff Officer and aircraft accident investigator, finishing his military career at NATO’s Allied Command Operations at SHAPE (BE). In 2008 he became an organizational and business coach, helping organisations, companies and teams to improve and excel.
Since September 2014, Peter has also been employed at TUDelft, working as a PhD researcher for the Safety Sciences section of the Technology Policy and Management faculty.
As the managing director of G31000 Europe he is now a trainer and consultant using the ISO 31000 Risk Management Standard.
Some of his articles can be read on LinkedIn