
ISO 31000:2018 - Risk management


Update 20.05.2018

UNI ISO 31000:2018

Risk management - Guidelines

Effective date: 17 May 2018

The standard is intended for those who create and protect value in organizations by managing risks, making decisions, setting and achieving objectives and improving performance. It provides guidelines for managing the risks that organizations face and can be used throughout the life of the organization, and it can be applied to any activity, including decision-making at all levels. The common approach suggested by the document is suitable for managing any type of risk, is not specific to a particular sector or industry, and can be adapted to any organization and its context. The principles, framework and process outlined in this document allow risk to be managed efficiently, effectively and systematically.

ISO 31000:2018

Replaces:
UNI ISO 31000:2010


ISO, 14 February 2018

Risks affecting organizations can have consequences in terms of economic performance and professional reputation, as well as environmental, safety and societal outcomes. Therefore, managing risk effectively helps organizations to perform well in an environment full of uncertainty.

ISO 31000:2018, Risk management – Guidelines, provides principles, framework and a process for managing risk. It can be used by any organization regardless of its size, activity or sector.

Using ISO 31000 can help organizations increase the likelihood of achieving objectives, improve the identification of opportunities and threats and effectively allocate and use resources for risk treatment.

However, ISO 31000 cannot be used for certification purposes, but does provide guidance for internal or external audit programmes. Organizations using it can compare their risk management practices with an internationally recognised benchmark, providing sound principles for effective management and corporate governance.


ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies (ISO member bodies). The work of preparing International Standards is normally carried out through ISO technical committees. Each member body interested in a subject for which a technical committee has been established has the right to be represented on that committee. International organizations, governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.

The procedures used to develop this document and those intended for its further maintenance are described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the different types of ISO documents should be noted. This document was drafted in accordance with the editorial rules of the ISO/IEC Directives, Part 2 (see
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of any patent rights identified during the development of the document will be in the Introduction and/or on the ISO list of patent declarations received (see

Any trade name used in this document is information given for the convenience of users and does not constitute an endorsement.

For an explanation on the voluntary nature of standards, the meaning of ISO specific terms and expressions related to conformity assessment, as well as information about ISO’s adherence to the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see the following URL:

This document was prepared by Technical Committee ISO/TC 262, Risk management.

This second edition cancels and replaces the first edition (ISO 31000:2009) which has been technically revised.

The main changes compared to the previous edition are as follows:

- review of the principles of risk management, which are the key criteria for its success;
- highlighting of the leadership by top management and the integration of risk management, starting with the governance of the organization;
- greater emphasis on the iterative nature of risk management, noting that new experiences, knowledge and analysis can lead to a revision of process elements, actions and controls at each stage of the process;
- streamlining of the content with greater focus on sustaining an open systems model to fit multiple needs and contexts.


This document is for use by people who create and protect value in organizations by managing risks, making decisions, setting and achieving objectives and improving performance.

Organizations of all types and sizes face external and internal factors and influences that make it uncertain whether they will achieve their objectives.

Managing risk is iterative and assists organizations in setting strategy, achieving objectives and making informed decisions.

Managing risk is part of governance and leadership, and is fundamental to how the organization is managed at all levels. It contributes to the improvement of management systems.

Managing risk is part of all activities associated with an organization and includes interaction with stakeholders.

Managing risk considers the external and internal context of the organization, including human behaviour and cultural factors.

Managing risk is based on the principles, framework and process outlined in this document, as illustrated in Figure 1. These components might already exist in full or in part within the organization, however, they might need to be adapted or improved so that managing risk is efficient, effective and consistent.

Figure 1 — Principles, framework and process


1 Scope

This document provides guidelines on managing risk faced by organizations. The application of these guidelines can be customized to any organization and its context.

This document provides a common approach to managing any type of risk and is not industry or sector specific.

This document can be used throughout the life of the organization and can be applied to any activity, including decision-making at all levels.

2 Normative references

There are no normative references in this document.

3 Terms and definitions

For the purposes of this document, the following terms and definitions apply.

ISO and IEC maintain terminological databases for use in standardization at the following addresses:

- ISO Online browsing platform: available at
- IEC Electropedia: available at

risk
effect of uncertainty on objectives
Note 1 to entry: An effect is a deviation from the expected. It can be positive, negative or both, and can address, create or result in opportunities and threats.
Note 2 to entry: Objectives can have different aspects and categories, and can be applied at different levels.
Note 3 to entry: Risk is usually expressed in terms of risk sources (3.4), potential events (3.5), their consequences (3.6) and their likelihood (3.7).

risk management
coordinated activities to direct and control an organization with regard to risk (3.1)

stakeholder
person or organization that can affect, be affected by, or perceive themselves to be affected by a decision or activity
Note 1 to entry: The term “interested party” can be used as an alternative to “stakeholder”.

risk source
element which alone or in combination has the potential to give rise to risk (3.1)

event
occurrence or change of a particular set of circumstances
Note 1 to entry: An event can have one or more occurrences, and can have several causes and several consequences (3.6).
Note 2 to entry: An event can also be something that is expected which does not happen, or something that is not expected which does happen.
Note 3 to entry: An event can be a risk source.

consequence
outcome of an event (3.5) affecting objectives
Note 1 to entry: A consequence can be certain or uncertain and can have positive or negative direct or indirect effects on objectives.
Note 2 to entry: Consequences can be expressed qualitatively or quantitatively.
Note 3 to entry: Any consequence can escalate through cascading and cumulative effects.

likelihood
chance of something happening
Note 1 to entry: In risk management (3.2) terminology, the word “likelihood” is used to refer to the chance of something happening, whether defined, measured or determined objectively or subjectively, qualitatively or quantitatively, and described using general terms or mathematically (such as a probability or a frequency over a given time period).
Note 2 to entry: The English term “likelihood” does not have a direct equivalent in some languages; instead, the equivalent of the term “probability” is often used. However, in English, “probability” is often narrowly interpreted as a mathematical term. Therefore, in risk management terminology, “likelihood” is used with the intent that it should have the same broad interpretation as the term “probability” has in many languages other than English.

control
measure that maintains and/or modifies risk (3.1)
Note 1 to entry: Controls include, but are not limited to, any process, policy, device, practice, or other conditions and/or actions which maintain and/or modify risk.
Note 2 to entry: Controls may not always exert the intended or assumed modifying effect.


Source: ISO

