Module 1 - Unit 2: The ISO 31000 standard

Question 1

List the 5 clauses of the ISO 31000 standard

Answer 1

The five clauses of the ISO 31000 standard are:

1. Scope
2. Definition of terms
3. The Principles
4. Framework for Implementation
5. Process

Question 2

Describe the “Scope” clause of the ISO 31000 standard.

Answer 2

The standard is generic and is not specific to a specific industry or organisation.

Question 3

Name five of the ISO 31000 risk management “Principles” (Clause 3)

Answer 3

ISO 31000 Clause 3 - Principles

1. Create & protect value e.g. achieve objectives
2. Integrated into orgs. processes
3. Used in decision making
4. Addresses uncertainty
5. Systematic, structured & timely
6. Based on best available information
7. Tailored to context, size and complexity
8. Considers human & cultural factors
9. Transparency
10. Dynamic & iterative
11. Facilitates continual improvement

Question 4

Describe Clause 4 of the ISO 31000 standard, “Framework for Implementation”

Answer 4

ISO 31000 Clause 4 - Framework for Implementation

1. Mandate & commitment by the Board
2. Design of framework
3. Implement risk management
4. Monitor and review framework
5. Improve framework

Question 5

Describe the five stages of the ISO 31000 risk management “Process” (Clause 5)

Answer 5

The five stages of ISO 31000 Clause 5 - Process are

1. Establish context
2. Risk Identification
3. Risk Analysis
4. Risk Evaluation
5. Risk Treatment

Question 6

What two features run throughout the five stages of the ISO 31000 “Process” (Clause 5)

Answer 6

Two features that run through the five stages of the ISO 31000 “Process” (clause 5) are:

1. Communication/consultation
2. Monitoring & Review