This Technical Report provides guidance for organizations on managing risk effectively by implementing ISO 31000:2009. It provides: — a structured approach for organizations to transition their risk management arrangements in orderto be consistent with ISO 31000, in a manner tailored to the characteristics of the organization; — an explanation of the underlying concepts of ISO 31000; — guidance on aspects of the principles and risk management framework that are described in ISO 31000. This Technical Report can be used by any public, private or community enterprise, association, group or individual. NOTE For convenience, all the different users of this Technical Report are referred to by the general term
This Technical Report is not specific to any industry or sector, or to any particular type of risk, and can
be applied to all activities and to all parts of organizations.