ISO 31000 — The New, Streamlined Risk Management Standard

January 6th, 2010

Christopher McClean

With contributors:

Nick Hayes , Robert Whiteley III

Summary

In November 2009, the International Organization of Standardization released the ISO 31000:2009 Risk management — Principles and guidelines standard, a well-crafted and straightforward framework explaining the elements of an effective risk management program. The standard will help risk professionals clearly define terminology, establish formal processes, explain the context of their efforts, and consider the opportunity inherent in risks. But this is just a start. The current version will not help risk professionals determine how to measure risk, make sure their risk taxonomy is complete, develop practical risk management tools, or make the business case for risk management investments. Regardless, we expect widespread adoption and recommend using the standard to bring your risk management program up to speed.

Want to read the full report?

This report is available for individual purchase ($1495).

Forrester helps business and technology leaders use customer obsession to accelerate growth. That means empowering you to put the customer at the center of everything you do: your leadership strategy, and operations. Becoming a customer-obsessed organization requires change — it requires being bold. We give business and technology leaders the confidence to put bold into action, shaping and guiding how to navigate today's unprecedented change in order to succeed.