This Technical Report provides guidance for organizations on managing risk effectively by implementing ISO31000:2009.It provides:
a structured approach for organizations to transition their risk management arrangements in order to be consistent with ISO31000, in a manner tailored to the characteristics of the organization;
an explanation of the underlying concepts of ISO31000;
guidance on aspects of the principles and risk management framework that are described in ISO31000.
This Technical Report can be used by any public, private or community enterprise, association, group or individual.
NOTE For convenience, all the different users of this Technical Report are referred to by the general term “organization??.
This Technical Report is not specific to any industry or sector, or to any particular type of risk, and can be applied to all activities and to all parts of organizations.