Published by International Organization for Standardization (ISO) in 2009

• Establish principles for effective risk management
• Establishing a management process for risk management (not methodology)
• Provides a framework for interworking with the management processes that an organization is running
• Apply universally for effective risk management in all types of organizations
• Improve system effectiveness and efficiency through compatibility with risk-based management systems (ISO 9001, ISO 14001, ISO 45001, ISO 22000, ISO 27001, ISO 28000, etc.)
• Not a standard for obtaining certificates

• Improved likelihood
• Promote aggressive management
• Recognize the need to identify and address organizational risks
• Improved opportunities and threat identification
• Apply appropriate risk management practices to your organization
• Compliance with relevant regulatory / regulatory requirements and international standards
• Improve financial reporting
• Strengthening the trust and confidence of stakeholders
• Establish a reliable foundation for decision making and planning
• Improved management
• Effective resource allocation and utilization for risk handling
• Improve operational effectiveness and efficiency
• Improved health and safety performance as well as environmental protection
• Improved loss prevention and accident management
• Minimize losses
• Improve organizational learning
• Improved resilience of organizations