ISO/TC 262
ISO/TC 262 Risk management is a technical committee of the International Organization for Standardization established originally in 2011 as Project Committee and converted in August 2012 into a full Technical Committee (TC) to develop standards in the area of risk management. It has 55 Participating Countries and 18 Observing Countries.
The scope of ISO/TC 262 is »Standardization in the field of risk management«. Risks affecting organizations can have consequences in terms of economic performance and professional reputation, as well as environmental, safety and societal outcomes. Therefore, managing risk effectively helps organizations to perform well in an environment full of uncertainty. Earlier safety oriented risk management has today been developed into a comprehensive management approach to maximize opportunities and minimize threats. Contemporary management of risk ensures survival and sustainability in all activities concerning decision making at all levels of any organization. Therefore, effective and efficient risk management today is closely linked to business continuity management and to compliance management.
Attitudes to risk still vary substantially around the world but 57 National Standards Organizations have adopted ISO 31000 as their national Standard for the management of risk.
Leadership and organization
Chair: Mr. Jason Brown, SA
Secretary: Mr. Ben Carson, BSI
ISO/TC 262 currently has the following organization:
- AG 1 Communications (Head: Dr. Frank Herdmann, DIN)
- AG 2 Strategic Advisory Group (Rapporteur: Jason Brown, SA)
- WG 2 Core risk management standards (Convenor: Prof. Dr. Bruno Brühwiler, SNV)
- WG 5 Management of Legal Risk (Convenor: Dr. Xiaohong Gao, SAC)
AG 2 is operating for ISO/TC 262 a website with ongoing information on the work of the technical committee: riskmanagement.isotc262.org
Published standards
ISO 31000:2009 Risk management - Principles and guidelines, sets out principles, a framework and a process for managing risk. It can be used by any organization regardless of its size, activity or sector. Using ISO 31000 can help organizations increase the likelihood of achieving objectives, improve the identification of opportunities and threats and effectively allocate and use resources for risk treatment. ISO 31000 is the national standard in the majority of the G8 and G20 as well as BRIICS economies and is highly valued as a guidance document by a wide range of ISO TCs and their National Mirror Committees as well as a number of United Nations agencies.
ISO/TR 31004:2013 Risk management - Guidance for the implementation of ISO 31000 is a Technical Report intended to assist organizations to enhance the effectiveness of their risk management efforts by aligning them with ISO 31000.
ISO Guide 73:2009 Risk management - Vocabulary, complements ISO 31000 by providing a collection of terms and definitions relating to the management of risk.
In co-operation with IEC/TC 56 Dependability ISO/TC 262 is also responsible for the ISO input to:
ISO/IEC 31010:2009 Risk management – Risk assessment techniques focuses on risk assessment. Risk assessment helps decision makers understand the risks that could affect the achievement of objectives as well as the adequacy of the controls already in place. ISO/IEC 31010:2009 focuses on risk assessment concepts, processes and the selection of risk assessment techniques.