ISO 31000:2018 Risk Management – Guidelines, the long-awaited revision to the go-to risk management standard, was published on February 15th, 2018. This development reflects the importance risk management has in today’s working environment.
The new ISO 31000:2018 places value creation as the main purpose of risk management. The focus is on the need for strong leadership, commitment and an integrated approach. The standard remains clearly structured and provides comprehensive guidance for all organizations.
Although ISO 31000:2018 cannot be used for certification purposes, it should be used to compare risk management practices with an internationally recognised benchmark, and it provides guidance for internal and external audits.
What are the main differences between the standards?
- The principles of risk management have been reviewed
- The importance of leadership by top management and the integration of risk management, starting with the governance of the organization, have been highlighted
- A greater emphasis on the continual nature of risk management, recognising that new experiences, knowledge and analysis can lead to a revision of process elements, actions and controls at each stage of the process
- Streamlining of the content with greater focus on sustaining an open systems model to fit multiple needs and contexts