A useful set of risk management guidelines and principles has been developed by the International Organization for Standardization. In 2005, ISO introduced a New Work Item Proposal (NWIP) to develop a guidance standard on risk management.
Following approval by ISO members, an ISO working group was established to develop a Committee Draft called ISO CD31000. The standard:
"gives generic guidelines for the principles and the adequate implementation of risk management. It is not intended to be used for the purposes of certification."
The ISO 31000:2009 standard provides principles and generic guidelines on risk management, can be used by any public, private or community enterprise, association, group or individual and is not specific to any industry or sector.
More information is available here.
|←Previous ISO/IEC Guide 73- Risk Management – Vocabulary|
- AS/NZS ISO 31000:2009
- IRM - AIRMIC - PRMA Risk Management Standards
- AS/NZS 4360:2004
- ITGI Risk IT Framework 2009 (COBIT)
- COBIT 4.1 2009
- COSO 2009 Guidance on Monitoring Internal Control Systems
- COSO 2004 Enterprise Risk Management — Integrated Framework
- COSO 1992 Internal Control — Integrated Framework
- ISO/IEC Guide 73- Risk Management – Vocabulary