ISO/TC 262
ISO/TC 262 Risk management is a technical committee of the International Organization for Standardization formed in 2011 to develop standards in the area of risk management.
ISO/TC 262 Risk management was originally created as a Project Committee and was converted to a full Technical Committee in 2012. Its scope is »Standardization in the field of risk management«. Risks affecting organizations can have consequences in terms of economic performance and professional reputation, as well as environmental, safety and societal outcomes. Therefore, managing risk effectively helps organizations to perform well in an environment full of uncertainty. Earlier safety oriented risk management has today been developed into a comprehensive management approach to maximize opportunities and minimize threats. Contemporary management of risk ensures survival and sustainability in all activities concerning decision making at all levels of any organization. Therefore, effective and efficient risk management today is closely linked to business continuity management and to compliance management.
Attitudes to risk still vary substantially around the world but 57 National Standards Organizations have adopted ISO 31000 as their national Standard for the management of risk.
Leadership and organization
Chair: Mr. Kevin W Knight, BSI
Secretary: Mr. Mick Maghar, BSI
ISO/TC 292 currently has the following organization.
- AG 1 Communications (Convenor: Dr. Frank Herdmann, DIN)
- WG 2 Core risk management standards (Convenor: Prof. Bruno Brühwiler, SNV)
- WG 3 Disruption related risk (Convenor: Mr. Mike Tarrant, SA)
- WG 4 Supply chain Risk (Convenor: Dr. Marc Siegel, ASIS)
Published standards
ISO 31000:2009 Risk management - Principles and guidelines, sets out principles, a framework and a process for managing risk. It can be used by any organization regardless of its size, activity or sector. Using ISO 31000 can help organizations increase the likelihood of achieving objectives, improve the identification of opportunities and threats and effectively allocate and use resources for risk treatment. ISO 31000 is the national standard in the majority of the G8 and G20 as well as BRIICS economies and is highly valued as a guidance document by a wide range of ISO TCs and their National Mirror Committees as well as a number of United Nations agencies.
ISO/TR 31004:2013 Risk management - Guidance for the implementation of ISO 31000 is a Technical Report intended to assist organizations to enhance the effectiveness of their risk management efforts by aligning them with ISO 31000.
ISO Guide 73:2009 Risk management - Vocabulary, complements ISO 31000 by providing a collection of terms and definitions relating to the management of risk.
In co-operation with IEC/TC 56 Dependability ISO/TC 262 is also responsible for the ISO input to:
ISO/IEC 31010:2009 Risk management – Risk assessment techniques focuses on risk assessment. Risk assessment helps decision makers understand the risks that could affect the achievement of objectives as well as the adequacy of the controls already in place. ISO/IEC 31010:2009 focuses on risk assessment concepts, processes and the selection of risk assessment techniques