08/30182164 DC : DRAFT MAY 2008
The latest, up-to-date edition.

1 Scope
2 Normative references
3 Terms and definitions
4 Principles for managing risk
5 Framework for managing risk
5.1 General
5.2 Mandate and commitment
5.3 Design of framework for managing risk
5.3.1 Understanding the organization and its context
5.3.2 Risk management policy
5.3.3 Integration into organizational processes
5.3.4 Accountability
5.3.5 Resources
5.3.6 Establishing internal communication and reporting mechanisms
5.3.7 Establishing external communication and reporting mechanisms
5.4 Implementing risk management
5.4.1 Implementing the framework for managing risk
5.4.2 Implementing the risk management process
5.5 Monitoring and review of the framework
5.6 Continual improvement of the framework
6 Process for managing risk
6.1 General
6.2 Communication and consultation
6.3 Establishing the context
6.3.1 General
6.3.2 Establishing the external context
6.3.3 Establishing the internal context
6.3.4 Establishing the context of the risk management
6.3.5 Developing risk criteria
6.4 Risk assessment
6.4.1 General
6.4.2 Risk identification
6.4.3 Risk analysis
6.4.4 Risk evaluation
6.5 Risk treatment
6.5.1 General
6.5.2 Selection of risk treatment options
6.5.3 Preparing and implementing risk treatment plans
6.6 Monitoring and review
6.7 Recording the risk management process
Annex A (Informative) - Attributes of enhanced risk management
A.1 General
A.2 Attributes
Committee |
DocumentType |
PublisherName | British Standards Institution
Status |
Standard | Title
ISO 15265:2004 | Ergonomics of the thermal environment — Risk assessment strategy for the prevention of stress or discomfort in thermal working conditions
ISO/IEC 15408-2:2008 | Information technology — Security techniques — Evaluation criteria for IT security — Part 2: Security functional components
ISO 13215-3:1999 | Road vehicles — Reduction of misuse risk of child restraint systems — Part 3: Prediction and assessment of misuse by Misuse Mode and Effect Analysis (MMEA)
IEC 62198:2013 | Managing risk in projects — Application guidelines
IEC 60812:2006 | Analysis techniques for system reliability — Procedure for failure mode and effects analysis (FMEA)
ISO 13232-5:2005 | Motorcycles — Test and analysis procedures for research evaluation of rider crash protective devices fitted to motorcycles — Part 5: Injury indices and risk/benefit analysis
ISO 16312-1:2016 | Guidance for assessing the validity of physical fire models for obtaining fire effluent toxicity data for fire hazard and risk assessment — Part 1: Criteria
IEC/ISO 31010:2009 | Risk management — Risk assessment techniques
ISO/IEC 15408-3:2008 | Information technology — Security techniques — Evaluation criteria for IT security — Part 3: Security assurance components
ISO 17776:2016 | Petroleum and natural gas industries — Offshore production installations — Major accident hazard management during the design of new installations
ISO 15544:2000 | Petroleum and natural gas industries — Offshore production installations — Requirements and guidelines for emergency response
ISO 14121-1:2007 | Safety of machinery — Risk assessment — Part 1: Principles
ISO/TR 14121-2:2012 | Safety of machinery — Risk assessment — Part 2: Practical guidance and examples of methods
ISO/IEC Guide 51:2014 | Safety aspects — Guidelines for their inclusion in standards
ISO/IEC Guide 73:2002 | Risk management — Vocabulary — Guidelines for use in standards
IEC 60300-1:2014 | Dependability management — Part 1: Guidance for management and application
IEC 60300-2:2004 | Dependability management — Part 2: Guidelines for dependability management
ISO 9000:2015 | Quality management systems — Fundamentals and vocabulary
ISO/IEC 15408-1:2009 | Information technology — Security techniques — Evaluation criteria for IT security — Part 1: Introduction and general model
ISO 12100-1:2003 | Safety of machinery — Basic concepts, general principles for design — Part 1: Basic terminology, methodology
IEC 62305-2:2010 | Protection against lightning — Part 2: Risk management
ISO 14971:2007 | Medical devices — Application of risk management to medical devices
ISO 13702:2015 | Petroleum and natural gas industries — Control and mitigation of fires and explosions on offshore production installations — Requirements and guidelines
IEC 61508-2:2010 | Functional safety of electrical/electronic/programmable electronic safety-related systems — Part 2: Requirements for electrical/electronic/programmable electronic safety-related systems
ISO 14050:2009 | Environmental management — Vocabulary