Many EHS professionals are familiar with the International Organization for Standardization (ISO), due to its widely known management systems, ISO 9001 and 14001. Over the past five years, ISO has begun to extend its services more explicitly into the area of risk management—its first two management systems (9001 and 14001) are essentially risk management tools.
This past November, ISO published a generic standard on risk management that provides guidelines that can be used in a wide range of settings. ISO states that “31000:2009 can be applied throughout the life of an organization, and to a wide range of activities, including strategies and decisions, operations, processes, functions, projects, products, services and assets; and that it can be applied to any type of risk, whatever its nature, whether having positive or negative consequences.” Read More