ISO/IEC 31000:2009: Risk Management – Principles and Guidelines (Nov. 13, 2009) (full-text).
ISO 31000:2009 provides principles and generic guidelines on risk management. It can be used by any public, private or community enterprise, association, group or individual. Therefore, It is not specific to any industry or sector.
ISO 31000:2009 can be applied throughout the life of an organization, and to a wide range of activities, including strategies and decisions, operations, processes, functions, projects, products, services and assets. It can be applied to any type of risk, whatever its nature, whether having positive or negative consequences.