Risk management

Risk management standard

AS/NZS ISO 31000:2009(external link) Risk Management – Principles and guidelines is a joint Australia/New Zealand adoption of ISO 31000:2009, and supersedes AS/NZS 4360:2004.

Its predecessor, AS/NZS 4360 Risk management, was first published in 1995. After AS/NZS 4360 was last revised in 2004, the joint Australia/New Zealand committee OB-007 decided that rather than undertake a similar revision in 2009, it would promote the development of an international standard on risk management, which could then be adopted locally.

How will this standard help my business?

The standard provides organisations with guiding principles, a generic framework, and a process for managing risk. New to this edition is the inclusion of 11 risk management principles an organisation should comply with, and a management framework for the effective implementation and integration of these principles into an organisation's management system. Unlike previous editions, emphasis is given to considering risk in terms of the effect of uncertainty on objectives, rather than the risk incident.

This edition also includes an informative annex that sets out the attributes of enhanced risk management for those organisations that have already been working on managing their risks and may wish to strive for a higher level of achievement.

Who should use this standard?

Using AS/NZS ISO 31000 will assist organisations to:

SA/SNZ HB 436:2013 provides guidance on the implementation of AS/NZS ISO 31000:2009, Risk management – Principles and guidelines

→ More information on AS/NZS 31000:2009(external link)

→ More information on SA/SNZ HB 436:2013(external link)