ISO 31000 Risk Management

Organizations that manage risks effectively are more likely to protect themselves and succeed in growing their business. The challenge for any business is to integrate good practice into their day-to-day operations and apply it to the wider aspects of their organizational practice. 

What is ISO 31000?

BS ISO 31000 is the international standard for risk management. By providing comprehensive principles and guidelines, this standard helps organizations with their risk analysis and risk assessments. Whether you work in a public, private or community enterprise, you can benefit from BS ISO 31000, because it applies to most business activities including planning, management operations and communication processes. Whilst all organizations manage risk to some extent, this international standard’s best-practice recommendations were developed to improve management techniques and ensure safety and security in the workplace at all times.

By implementing the principles and guidelines of BS ISO 31000 in your organization, you’ll be able to improve operational efficiency, governance and stakeholder confidence, while minimizing losses. This international standard also helps you to boost health and safety performance, establish a strong foundation for decision making and encourage proactive management in all areas.

What are the benefits?

A defined risk management process will allow your organization to:
  • Effectively achieve its key objectives
  • Oversee the entire risk management process
  • Ensure risks are managed proactively in specific areas and activities
  • Gain assurance about the effectiveness of your company's risk management
  • Successfully respond to change in a timely fashion
ISO 31100:2011 is based on the best available and up-to-date information on risk management and can act as an integral part of all organizational processes by facilitating the continual improvement of your business.

ISO 31000 Training Courses

Understanding Risk Management - ISO 31000:2009


1 day classroom course

    • All organizations face uncertainty in meeting their objectives. Risk Management is a systematic framework and process for maximizing those areas where outcomes can be controlled while minimizing those that cannot be predicted and over which control cannot be exercised. BSI's 1-day course on understanding Risk Management systems will give you the understanding you need to start managing the risks your organization faces.
    • After completion of this course, you will be able to describe the fundamentals, key principles and application of Risk Management to your organization.

Implementing ISO 31000:2009


2 day classroom course

    • Organizations that recognize the importance of managing risk can benefit from implementing a formal risk management system. BSI's 1 day course on implementing risk management will guide you through the development of a framework to effectively manage your organization's risks.
    • After completion of this course, you will be able to apply the principles of risk management to your organization and implement a risk management framework and process suitable to your organization.

How to get certified to ISO/IEC 20000-1

  1. ISO/IEC 20000-1 Service Management system certification should be hassle-free. You’ll be appointed a BSI Client Manager, a trusted expert with industry experience relevant to your business, who can guide you through the process.

    The steps to ISO/IEC 20000-1 certification:

    1. ISO/IEC 20000-1 gap analysis

    An optional service which takes place before your assessment visits. We’ll take a closer look at your existing information security management system and compare it with the requirements of the ISO/IEC 20000-1 standard. It’s a really cost-effective way to check if there are any areas you need to work on before we carry out a formal assessment.

    2. Formal assessment

    A two-stage process. First your BSI Client Manager will review your organization’s readiness for assessment by checking if the necessary ISO/IEC 20000-1 procedures and controls have been developed in your organization. We will share the details of our findings with you so that if we find gaps, you can close them. Next, if all the requirements are in place, we’ll assess the implementation of the procedures and controls within your organization to make sure that they are working effectively as required for certification of ISO/IEC 20000-1. 

    3. Certification and beyond

    When you achieve certification, you’ll receive your BSI ISO/IEC 20000-1 certificate, which is valid for three years. Your BSI Client Manager will visit you regularly to make sure your system doesn’t just remain compliant, but continually improves and adds value to your organization.