This handbook expands and provides context to the clauses in ISO 31000. It provides advice regarding introducing and implementing risk management, including how to create and protect value for stakeholders. The handbook demonstrates how to:
• Use the principles of effective and efficient risk management in the way risk is managed;
• Develop a plan for integrating risk into an organization’s existing arrangements;
• Understand how organizational culture influences the design and implementation of risk management;
• Confirm that the need for effective risk management is considered when changes affect the organization;
• Apply the risk management process to identify, analyze, evaluate, and where required, to treat risk;
• Communicate and consult with stakeholders;
• Monitor and review the risk management plan and process; and
• Continually improve based on context and lessons learned.

Table of Contents

Foreword 
Preface 
Introduction 
ISO 31000 Guidance Handbook 
1. Using the ISO 31000 risk management principles
2. Leadership, commitment and responsibilities 
3. Risk management framework
4. Risk management process 
5. Effectiveness of the risk management program 
6. Continual improvement 
Annex A:  Example of gap analysis 
Annex B:  Example of risk categories 
Bibliography:  ISO documents 

Return Policy

ASSP does not accept returns on standards, either digital or hardcopy versions. Please read the sales page of the specific standard of interest and review the scope and table of contents to ensure applicability to your needs. If your concerns are related to the quality of a standard, please contact ASSP Standards Development staff.