The standard holds that risk management is not about avoiding risks but about making deliberate decisions and continuously ensuring that existing uncertainties do not adversely affect the company’s objectives.
ISO 31000 is an international management standard for risk management that defines several principles and requirements that are important for ensuring the effectiveness of a company’s risk management. The standard provides guidance for the selection and application of techniques that can be used to evaluate risks in different parts of the company. Among other things, the techniques can be used as guidance for decision-making related to uncertainty. With the standard, you define potential risks as part of a risk management process.
ISO 31000 on risk management is a fruitful tool for companies that want to respond to the risks and opportunities that may affect all aspects of the company’s day-to-day operation. Risk management is part of general management at the top level and is crucial for how the company is managed at all levels.
ISO 31000 is for those who create and protect the company’s values through risk management, decision-making, and the defining and setting of strategic objectives to improve the company’s performance. The standard can be implemented in connection with the new GDPR.