Risk Management – Guidance for the Implementation of ISO 31000 ISO/ANSI/ASSE TR-31004 – 2014 (identical national adoption of ISO/TR 31004:2013)
Scope: This Technical Report provides guidance for organizations on managing risk effectively by implementing ISO 31000:2009. It provides:
a structured approach for organizations to transition their risk management arrangements in order to be consistent with ISO 31000, in a manner tailored to the characteristics of the organization;
an explanation of the underlying concepts of ISO 31000;
guidance on aspects of the principles and risk management framework that are described in ISO 31000. This Technical Report can be used by any public, private or community enterprise, association, group or individual.
This Technical Report is not specific to any industry or sector, or to any particular type of risk, and can be applied to all activities and to all parts of organizations.
Want to purchase this Technical Report individually? Click here!
Vocabulary for Risk Management ANSI/ASSE/ISO Guide 73 (Z690.1-2011)
(identical national adoption of ISO Guide 73:2009)
Scope: This standard provides the definitions of generic terms related to risk management. It aims to encourage a mutual and consistent understanding of, and a coherent approach to, the description of activities relating to the management of risk and the use of uniform risk management terminology in processes and frameworks dealing with the management of risk.
This standard is intended to be used by:
those engaged in managing risks;
those who are involved in activities of ISO and IEC; and
developers of national or sector-specific standards, guides, procedures and codes of practice relating to the management of risk.
those seeking principles and guidelines on risk management
Reference is made to ANSI/ASSE Z690.2 (ISO 31000)
Risk Management—Principles and Guidelines ANSI/ASSE/ISO 31000 (Z690.2-2011)
(identical national adoption of ISO 31000:2009)
Scope: This standard provides principles and generic guidelines on risk management. This standard can be used by any public, private or community enterprise, association, group or individual and is not specific to any industry or sector.
This standard can be applied throughout the life of an organization and to a wide range of activities, including strategies and decisions, operations, processes, functions, projects, products, services and assets. In addition, this standard can be applied to any type of risk, whatever its nature, whether having positive or negative consequences.
It is intended that this standard be utilized to harmonize risk management processes in existing and future standards. It provides a common approach in support of standards dealing with specific risks and/or sectors and does not replace those standards. This standard is not intended for the purpose of certification.
Implementation for ISO 31000 ANSI/ASSE/ISO 31004
(identical national adoption of ISO 31004:2013)
ANSI/ASSE/ISO 31004 is an implementation guide This Technical Report is intended to be read in conjunction with ISO 31000 and is applicable to all types and sizes of organization. The core concepts and definitions that are central to understanding ISO 31000 are explained in Annex A.
Clause 3 provides a generic methodology to help organizations transition existing risk management arrangements to align with ISO 31000, in a planned and structured way. It also provides for dynamic adjustment as changes occur in the internal and external environment of the organization.
Additional annexes provide advice, examples and explanation regarding the implementation of selected aspects of ISO 31000, in order to assist readers according to their individual expertise and needs.
Risk Assessment Techniques ANSI/ASSE/IEC/ISO 31010 (Z690.3-2011)
(identical national adoption of ISO/IEC 31010:2009)
Scope: This standard is a supporting standard for ANSI/ASSE Z690.1, Vocabulary for Risk Management, (ISO Guide 73:2009), and provides guidance on selection and application of systematic techniques for risk assessment. Risk assessment carried out in accordance with this standard contributes to other risk management activities. The application of a range of techniques is introduced, with specific references to other national and international standards where the concept and application of techniques are described in greater detail. This standard is not intended for certification, regulatory or contractual use.