iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
SIST

SIST ISO/IEC 31010:2011

Risk management - Risk assessment techniques

Risk management - Risk assessment techniques

IEC 31010:2009 is a dual logo IEC/ISO, single prefix IEC, supporting standard for ISO 31000 and provides guidance on selection and application of systematic techniques for risk assessment. This standard is not intended for certification, regulatory or contractual use.
NOTE: This standard does not deal specifically with safety. It is a generic risk management standard and any references to safety are purely of an informative nature. Guidance on the introduction of safety aspects into IEC standards is laid down in ISO/IEC Guide 51.

Gestion des risques - Techniques d'évaluation des risques

CEI 31010:2009 est un logo double CEI/ISO, préfixe seul CEI, norme d'accompagnement de l'ISO 31000 et fournit des lignes directrices permettant de choisir et d'appliquer des techniques systématiques d'évaluation des risques. La présente norme n'est pas destinée à être utilisée à des fins de certification, de réglementation ou contractuelles.
NOTE: La présente norme ne traite pas spécifiquement de la sécurité. C'est une norme générale de gestion des risques et toute référence à la sécurité est purement de nature informative. Les lignes directrices sur l'introduction des aspects de sécurité dans les normes CEI est définie dans le Guide ISO/CEI 51.

Obvladovanje tveganja - Tehnike ocenjevanja tveganj

Ta mednarodni standard je podporni standard za ISO 31000 in zagotavlja vodilo za izbor in uporabo sistematičnih tehnik ocenjevanja tveganja. Ocenjevanje tveganja, ki poteka v skladu s tem standardom, prispeva k drugim dejavnostim upravljanja tveganja. Vpeljana je uporaba nabora tehnik s specifičnim sklicevanjem na druge mednarodne standarde, kjer sta koncept in uporaba tehnik podrobneje opisana. Ta standard ne zagotavlja posebnih meril za prepoznavanje potrebe po analizi tveganja niti ne določa vrste metode analize tveganja, ki je potrebna za določeno vrsto uporabe.

General Information

Status
Withdrawn
Publication Date
09-Mar-2011
Withdrawal Date
01-Sep-2019
ICS
03.100.01 - Company organization and management in general
Technical Committee
VZK - Quality management and quality assurance
Current Stage
9900 - Withdrawal (Adopted Project)
Start Date
20-Aug-2019
Due Date
12-Sep-2019
Completion Date
02-Sep-2019
Ref Project
IEC 31010:2009 - Risk management — Risk assessment techniques

Relations

Replaced By
SIST EN IEC 31010:2019 - Risk management - Risk assessment techniques (IEC 31010:2019)
Effective Date
01-Oct-2019

Buy Standard

IEC 31010:2009IEC 31010:2009
PreviousNext
Standard
IEC 31010:2009
English language
12 pages
sale 15% off
Preview
sale 15% off
Preview
ISO/IEC 31010:2011 - BARVEISO/IEC 31010:2011 - BARVE
PreviousNext
Standard
ISO/IEC 31010:2011 - BARVE
English language
90 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)


IEC/ISO 31010
Edition 1.0 2009-11
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
colour
inside
Risk management – Risk assessment techniques

Gestion des risques – Techniques d'évaluation des risques

IEC/iSO 31010:2009
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by
any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either IEC or
IEC's member National Committee in the country of the requester.
If you have any questions about IEC copyright or have an enquiry about obtaining additional rights to this publication,
please contact the address below or your local IEC member National Committee for further information.

Droits de reproduction réservés. Sauf indication contraire, aucune partie de cette publication ne peut être reproduite
ni utilisée sous quelque forme que ce soit et par aucun procédé, électronique ou mécanique, y compris la photocopie
et les microfilms, sans l'accord écrit de la CEI ou du Comité national de la CEI du pays du demandeur.
Si vous avez des questions sur le copyright de la CEI ou si vous désirez obtenir des droits supplémentaires sur cette
publication, utilisez les coordonnées ci-après ou contactez le Comité national de la CEI de votre pays de résidence.

IEC Central Office
3, rue de Varembé
CH-1211 Geneva 20
Switzerland
Email: inmail@iec.ch
Web: www.iec.ch
About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.

About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigenda or an amendment might have been published.
ƒ Catalogue of IEC publications: www.iec.ch/searchpub
The IEC on-line Catalogue enables you to search by a variety of criteria (reference number, text, technical committee,…).
It also gives information on projects, withdrawn and replaced publications.
ƒ IEC Just Published: www.iec.ch/online_news/justpub
Stay up to date on all new IEC publications. Just Published details twice a month all new publications released. Available
on-line and also by email.
ƒ Electropedia: www.electropedia.org
The world's leading online dictionary of electronic and electrical terms containing more than 20 000 terms and definitions
in English and French, with equivalent terms in additional languages. Also known as the International Electrotechnical
Vocabulary online.
ƒ Customer Service Centre: www.iec.ch/webstore/custserv
If you wish to give us your feedback on this publication or need further assistance, please visit the Customer Service
Centre FAQ or contact us:
Email: csc@iec.ch
Tel.: +41 22 919 02 11
Fax: +41 22 919 03 00
A propos de la CEI
La Commission Electrotechnique Internationale (CEI) est la première organisation mondiale qui élabore et publie des
normes internationales pour tout ce qui a trait à l'électricité, à l'électronique et aux technologies apparentées.

A propos des publications CEI
Le contenu technique des publications de la CEI est constamment revu. Veuillez vous assurer que vous possédez
l’édition la plus récente, un corrigendum ou amendement peut avoir été publié.
ƒ Catalogue des publications de la CEI: www.iec.ch/searchpub/cur_fut-f.htm
Le Catalogue en-ligne de la CEI vous permet d’effectuer des recherches en utilisant différents critères (numéro de référence,
texte, comité d’études,…). Il donne aussi des informations sur les projets et les publications retirées ou remplacées.
ƒ Just Published CEI: www.iec.ch/online_news/justpub
Restez informé sur les nouvelles publications de la CEI. Just Published détaille deux fois par mois les nouvelles
publications parues. Disponible en-ligne et aussi par email.
ƒ Electropedia: www.electropedia.org
Le premier dictionnaire en ligne au monde de termes électroniques et électriques. Il contient plus de 20 000 termes et
définitions en anglais et en français, ainsi que les termes équivalents dans les langues additionnelles. Egalement appelé
Vocabulaire Electrotechnique International en ligne.
ƒ Service Clients: www.iec.ch/webstore/custserv/custserv_entry-f.htm
Si vous désirez nous donner des commentaires sur cette publication ou si vous avez des questions, visitez le FAQ du
Service clients ou contactez-nous:
Email: csc@iec.ch
Tél.: +41 22 919 02 11
Fax: +41 22 919 03 00
IEC/ISO 31010
Edition 1.0 2009-11
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
colour
inside
Risk management – Risk assessment techniques

Gestion des risques – Techniques d'évaluation des risques

INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
COMMISSION
ELECTROTECHNIQUE
PRICE CODE
INTERNATIONALE
XD
CODE PRIX
ICS 03.100.01 ISBN 2-8318-1068-2

– 2 – 31010 © IEC:2009
CONTENTS
FOREWORD.4
INTRODUCTION.6
1 Scope.7
2 Normative references .7
3 Terms and definitions .7
4 Risk assessment concepts .7
4.1 Purpose and benefits .7
4.2 Risk assessment and the risk management framework .8
4.3 Risk assessment and the risk management process .8
4.3.1 General .8
4.3.2 Communication and consultation .9
4.3.3 Establishing the context.9
4.3.4 Risk assessment .10
4.3.5 Risk treatment .10
4.3.6 Monitoring and review .11
5 Risk assessment process .11
5.1 Overview .11
5.2 Risk identification .12
5.3 Risk analysis .12
5.3.1 General .12
5.3.2 Controls Assessment.13
5.3.3 Consequence analysis.14
5.3.4 Likelihood analysis and probability estimation .14
5.3.5 Preliminary Analysis .15
5.3.6 Uncertainties and sensitivities .15
5.4 Risk evaluation.15
5.5 Documentation .16
5.6 Monitoring and Reviewing Risk Assessment.17
5.7 Application of risk assessment during life cycle phases .17
6 Selection of risk assessment techniques .17
6.1 General .17
6.2 Selection of techniques .17
6.2.1 Availability of Resources .18
6.2.2 The Nature and Degree of Uncertainty.18
6.2.3 Complexity .19
6.3 Application of risk assessment during life cycle phases .19
6.4 Types of risk assessment techniques .19
Annex A (informative) Comparison of risk assessment techniques .21
Annex B (informative) Risk assessment techniques .27
Bibliography.90

Figure 1 – Contribution of risk assessment to the risk management process .11
Figure B.1 – Dose-response curve.37
Figure B.2 – Example of an FTA from IEC 60-300-3-9.49
Figure B.3 – Example of an Event tree.52

31010 © IEC:2009 – 3 –
Figure B.4 – Example of Cause-consequence analysis .55
Figure B.5 – Example of Ishikawa or Fishbone diagram .57
Figure B.6 – Example of tree formulation of cause-and-effect analysis.58
Figure B.7 – Example of Human reliability assessment .64
Figure B.8 – Example Bow tie diagram for unwanted consequences .66
Figure B.9 – Example of System Markov diagram .70
Figure B.10 – Example of State transition diagram.71
Figure B.11 – Sample Bayes’ net .77
Figure B.12 – The ALARP concept.79
Figure B.13 – Part example of a consequence criteria table.84
Figure B.14 – Part example of a risk ranking matrix .84
Figure B.15 – Part example of a probability criteria matrix .85

Table A.1 – Applicability of tools used for risk assessment .22
Table A.2 – Attributes of a selection of risk assessment tools .23
Table B.1 – Example of possible HAZOP guidewords .34
Table B.2 – Markov matrix .70
Table B.3 – Final Markov matrix.72
Table B.4 – Example of Monte Carlo Simulation .74
Table B.5 – Bayes’ table data .77
Table B.6 – Prior probabilities for nodes A and B .77
Table B.7 – Conditional probabilities for node C with node A and node B defined .77
Table B.8 – Conditional probabilities for node D with node A and node C defined .78
Table B.9 – Posterior probability for nodes A and B with node D and Node C defined .78
Table B.10 – Posterior probability for node A with node D and node C defined .78

– 4 – 31010 © IEC:2009
INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
RISK MANAGEMENT –
RISK ASSESSMENT TECHNIQUES
FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote
international co-operation on all questions concerning standardization in the electrical and electronic fields. To
this end and in addition to other activities, IEC publishes International Standards, Technical Specifications,
Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC
Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested
in the subject dealt with may participate in this preparatory work. International, governmental and non-
governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely
with the International Organization for Standardization (ISO) in accordance with conditions determined by
agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in whi
...


SLOVENSKI STANDARD
01-april-2011
Obvladovanje tveganja - Tehnike ocenjevanja tveganj
Risk management - Risk assessment techniques
Gestion des risques - Techniques d'évaluation des risques
Ta slovenski standard je istoveten z: ISO/IEC 31010:2009
ICS:
03.100.01 Organizacija in vodenje Company organization and
podjetja na splošno management in general
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

IEC/ISO 31010
Edition 1.0 2009-11
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
colour
inside
Risk management – Risk assessment techniques

Gestion des risques – Techniques d'évaluation des risques

INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
COMMISSION
ELECTROTECHNIQUE
PRICE CODE
INTERNATIONALE
XD
CODE PRIX
ICS 03.100.01 ISBN 2-8318-1068-2

– 2 – 31010 © IEC:2009
CONTENTS
FOREWORD.4
INTRODUCTION.6
1 Scope.7
2 Normative references .7
3 Terms and definitions .7
4 Risk assessment concepts .7
4.1 Purpose and benefits .7
4.2 Risk assessment and the risk management framework .8
4.3 Risk assessment and the risk management process .8
4.3.1 General .8
4.3.2 Communication and consultation .9
4.3.3 Establishing the context.9
4.3.4 Risk assessment .10
4.3.5 Risk treatment .10
4.3.6 Monitoring and review .11
5 Risk assessment process .11
5.1 Overview .11
5.2 Risk identification .12
5.3 Risk analysis .12
5.3.1 General .12
5.3.2 Controls Assessment.13
5.3.3 Consequence analysis.14
5.3.4 Likelihood analysis and probability estimation .14
5.3.5 Preliminary Analysis .15
5.3.6 Uncertainties and sensitivities .15
5.4 Risk evaluation.15
5.5 Documentation .16
5.6 Monitoring and Reviewing Risk Assessment.17
5.7 Application of risk assessment during life cycle phases .17
6 Selection of risk assessment techniques .17
6.1 General .17
6.2 Selection of techniques .17
6.2.1 Availability of Resources .18
6.2.2 The Nature and Degree of Uncertainty.18
6.2.3 Complexity .19
6.3 Application of risk assessment during life cycle phases .19
6.4 Types of risk assessment techniques .19
Annex A (informative) Comparison of risk assessment techniques .21
Annex B (informative) Risk assessment techniques .27
Bibliography.90

Figure 1 – Contribution of risk assessment to the risk management process .11
Figure B.1 – Dose-response curve.37
Figure B.2 – Example of an FTA from IEC 60-300-3-9.49
Figure B.3 – Example of an Event tree.52

31010 © IEC:2009 – 3 –
Figure B.4 – Example of Cause-consequence analysis .55
Figure B.5 – Example of Ishikawa or Fishbone diagram .57
Figure B.6 – Example of tree formulation of cause-and-effect analysis.58
Figure B.7 – Example of Human reliability assessment .64
Figure B.8 – Example Bow tie diagram for unwanted consequences .66
Figure B.9 – Example of System Markov diagram .70
Figure B.10 – Example of State transition diagram.71
Figure B.11 – Sample Bayes’ net .77
Figure B.12 – The ALARP concept.79
Figure B.13 – Part example of a consequence criteria table.84
Figure B.14 – Part example of a risk ranking matrix .84
Figure B.15 – Part example of a probability criteria matrix .85

Table A.1 – Applicability of tools used for risk assessment .22
Table A.2 – Attributes of a selection of risk assessment tools .23
Table B.1 – Example of possible HAZOP guidewords .34
Table B.2 – Markov matrix .70
Table B.3 – Final Markov matrix.72
Table B.4 – Example of Monte Carlo Simulation .74
Table B.5 – Bayes’ table data .77
Table B.6 – Prior probabilities for nodes A and B .77
Table B.7 – Conditional probabilities for node C with node A and node B defined .77
Table B.8 – Conditional probabilities for node D with node A and node C defined .78
Table B.9 – Posterior probability for nodes A and B with node D and Node C defined .78
Table B.10 – Posterior probability for node A with node D and node C defined .78

– 4 – 31010 © IEC:2009
INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
RISK MANAGEMENT –
RISK ASSESSMENT TECHNIQUES
FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote
international co-operation on all questions concerning standardization in the electrical and electronic fields. To
this end and in addition to other activities, IEC publishes International Standards, Technical Specifications,
Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC
Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested
in the subject dealt with may participate in this preparatory work. International, governmental and non-
governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely
with the International Organization for Standardization (ISO) in accordance with conditions determined by
agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence
between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in
the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any
services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and
members of its technical committees and IEC National Committees for any personal injury, property damage or
other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and
expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC
Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.
9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of
patent rights. IEC shall not be held responsible for identifying any or all such patent rights.
International standard IEC/ISO 31010 has been prepared by IEC technical committee 56:
Dependability together with the ISO TMB “Risk management” working group.
The text of this standard is based on the following documents:
FDIS Rapport de vote
56/1329/FDIS 56/1346/RVD
Full information on the voting for the approval of this standard can be found in the report on
voting indicated in the above table. In ISO, the standard has been approved by 17 member
bodies out of 18 having cast a vote.
This publication has been drafted in accordance with the ISO/IEC Directives, Part 2.

31010 © IEC:2009 – 5 –
The committee has decided that the contents of this publication will remain unchanged until
the maintenance result date indicated on the IEC web site under "http://webstore.iec.ch" in
the data related to the specific publication. At this date, the publication will be
• reconfirmed;
• withdrawn;
• replaced by a revised edition;
• amended.
IMPORTANT – The 'colour inside' logo on the cover page of this publication indicates that it
contains colours which are considered to be useful for the correct understanding of its
contents. Users should therefore print this document using a colour printer.

– 6 – 31010 © IEC:2009
INTRODUCTION
Organizations of all types and sizes face a range of risks that may affect the achievement of
their objectives.
These objectives may relate to a range of the organization's activities, from strategic
initiatives to its operations, processes and projects, and be reflected in terms of societal,
environmental, technological, safety and security outcomes, commercial, financial and
economic measures, as well as social, cultural, political and reputation impacts.
All activities of an organization involve risks that should be managed. The risk management
process aids decision making by taking account of uncertainty and the possibility of future
events or circumstances (intended or unintended) and their effects on agreed objectives.
Risk management includes the application of logical and systematic methods for
• communicating and consulting throughout this process;
• establishing the context for identifying, analysing, evaluating, treating risk associated with
any acti
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

SIST
SIST ISO 37001:2025(Main)
Anti-bribery management systems - Requirements with guidance for use
ISO 37001:2025

This document specifies requirements and provides guidance for establishing, implementing, maintaining, reviewing and improving an anti-bribery management system. The system can be stand-alone or can be integrated into an overall management system. This document addresses the following in relation to the organization's activities:
— bribery in the public, private and not-for-profit sectors;
— bribery by the organization;
— bribery by the organization's personnel acting on the organization's behalf or for its benefit;
— bribery by the organization's business associates acting on the organization's behalf or for its benefit;
— bribery of the organization;
— bribery of the organization's personnel in relation to the organization’s activities;
— bribery of the organization's business associates in relation to the organization’s activities;
— direct and indirect bribery (e.g. a bribe offered or accepted through or by a third party).
This document is applicable only to bribery. It sets out requirements and provides guidance for a management system designed to help an organization to prevent, detect and respond to bribery and comply with anti-bribery laws and voluntary commitments applicable to its activities.
The requirements of this document are generic and are intended to be applicable to all organizations (or parts of an organization), regardless of type, size and nature of activity, and whether in the public, private or not-for-profit sectors. The extent of application of these requirements depends on the factors specified in 4.1, 4.2 and 4.5.
NOTE 1 See Clause A.2 for guidance.
NOTE 2 The measures necessary to prevent, detect and mitigate the risk of bribery by the organization can be different from the measures used to prevent, detect and respond to bribery of the organization (or its personnel or business associates acting on the organization's behalf). See A.8 for guidance.

  • Standard
    55 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    47 pages
    English language
    sale 15% off
  • Standard
    52 pages
    French language
    sale 15% off
  • Standard
    52 pages
    French language
    sale 15% off
SIST
SIST ISO 31031:2024(Main)
Managing risk for youth and school trips
ISO 31031:2024

This document gives guidance on managing risk for youth and school trips for both domestic and international travel with specific attention to minors.
This document is applicable to any organization, institution or group that provides activities, visits or trips for children and youth outside of their usual place of operation. These include, but are not limited to:
— educational institutions (schools, colleges and universities);
— children’s homes (including foster care provision);
— residential tutorial centres (summer schools and language colleges);
— community-based youth groups (scouts, guides, cadet units and youth clubs);
— faith-based groups;
— youth sports clubs;
— youth arts clubs (music, drama, painting and literature);
— adventurous activity centres (day visits and residential);
— commercial and non-commercial providers of visits abroad (offshore sailing, cultural tours, sports, community projects, adventure activities and expeditions);
— tourist attractions, tour operators and other service providers.
This document is applicable to trips of any duration, from day trips visiting local points of interest to months-long trips to other continents. These trips can be for purposes such as excursions, fieldwork, expeditions and adventurous or cultural activities undertaken for educational, research, training or recreational purposes.  
This document is applicable any sort of travel under the auspices of an organization, be it one person travelling for an internship or dozens travelling for a sporting match.
This document is applicable to the physical movement between locations, as well as to the events and activities associated with the objectives of the trip.
This document provides good practices to address typical risks arising from activities related to trips. It also includes guidance for creating an emergency response plan.
This document does not apply to groups of vulnerable adults per se. However, some aspects of the guidance can also be relevant to the management of trips for vulnerable adults.
This document does not apply to situations such as minors travelling with their families, as well as how to organize such trips.
This document does not apply to virtual travel, although some parts of it can be relevant.

  • Standard
    54 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    47 pages
    English language
    sale 15% off
  • Standard
    51 pages
    French language
    sale 15% off
  • Standard
    51 pages
    French language
    sale 15% off
SIST
SIST-TS ISO/TS 31050:2023(Main)
Risk management - Guidelines for managing emerging risk to enhance resilience
ISO/TS 31050:2023

This document gives guidance on managing emerging risks that an organization can face. This document complements ISO 31000.  
This document is applicable to any organization, at any stage and to any activity of the organization. Its application can be customized to suit different organizations or the context of different organizations.

  • Technical specification
    41 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Technical specification
    34 pages
    English language
    sale 15% off
SIST
SIST ISO 37002:2021(Main)
Whistleblowing management systems - Guidelines
ISO 37002:2021

This document gives guidelines for establishing, implementing and maintaining an effective whistleblowing management system based on the principles of trust, impartiality and protection in the following four steps:
a) receiving reports of wrongdoing;
b) assessing reports of wrongdoing;
c) addressing reports of wrongdoing;
d) concluding whistleblowing cases.
The guidelines of this document are generic and intended to be applicable to all organizations, regardless of type, size, nature of activity, and whether in the public, private or not-for profit sectors.
The extent of application of these guidelines depends on the factors specified in 4.1, 4.2 and 4.3. The whistleblowing management system can be stand-alone or can be used as part of an overall management system.

  • Standard
    40 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    33 pages
    English language
    sale 15% off
  • Standard
    35 pages
    French language
    sale 15% off
  • Standard
    35 pages
    Spanish language
    sale 15% off
SIST
SIST ISO 37301:2021(Main)
Compliance management systems - Requirements with guidance for use
ISO 37301:2021

This document specifies requirements and provides guidelines for establishing, developing, implementing, evaluating, maintaining and improving an effective compliance management system within an organization.
This document is applicable to all types of organizations regardless of the type, size and nature of the activity, as well as whether the organization is from the public, private or non-profit sector.
All requirements specified in this document that refer to a governing body apply to top management in cases where an organization does not have a governing body as a separate function.

  • Standard
    48 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    40 pages
    English language
    sale 15% off
  • Standard
    40 pages
    English language
    sale 15% off
  • Standard
    44 pages
    French language
    sale 15% off
  • Standard
    44 pages
    French language
    sale 15% off
  • Standard
    44 pages
    French language
    sale 15% off
  • Standard
    43 pages
    Spanish language
    sale 15% off
  • Standard
    44 pages
    Spanish language
    sale 15% off
SIST
SIST ISO 31000:2018
Risk management - Guidelines
ISO 31000:2018

ISO 31000:2018 provides guidelines on managing risk faced by organizations. The application of these guidelines can be customized to any organization and its context.
ISO 31000:2018 provides a common approach to managing any type of risk and is not industry or sector specific.
ISO 31000:2018 can be used throughout the life of the organization and can be applied to any activity, including decision-making at all levels.

  • Standard
    21 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    16 pages
    English language
    sale 15% off
  • Standard
    19 pages
    English language
    sale 15% off
  • Standard
    16 pages
    English language
    sale 15% off
  • Standard
    16 pages
    French language
    sale 15% off
  • Standard
    16 pages
    French language
    sale 15% off
  • Standard
    16 pages
    Spanish language
    sale 15% off
  • Standard – translation
    31 pages
    Slovenian and English language
    sale 10% off
    e-Library read for
    1 day
SIST
kSIST ISO/FDIS 37302:2025(Main)
Compliance management systems - Guidelines for the evaluation of effectiveness
ISO/FDIS 37302

This document establishes principles and indicator system for compliance management effectiveness evaluation, specifies the evaluation criteria and data acquisition, evaluation process, the method to get the evaluation result, and the contents of evaluation report. This document is applicable to the effectiveness evaluation activities of compliance management in all types of organizations, regardless of the type, size and nature.

  • Draft
    41 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    43 pages
    English language
    sale 15% off
  • Draft
    43 pages
    English language
    sale 15% off
SIST
kSIST ISO/FDIS 37009:2025(Main)
Conflict of interest in organizations - Guidelines
ISO/FDIS 37009

This document provides guidance to organizations on how to identify, assess, resolve and monitor conflict of interest based on the principles of trust, integrity, transparency and accountability.  
The guidance in this document is generic and intended to be applicable to all organizations, regardless of type, size and nature of activity and whether in the public, private or not-for-profit sectors. It distinguishes between actual, apparent and potential conflict of interest.

  • Draft
    25 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
kSIST ISO/FDIS 37003:2025(Main)
Fraud Control Management Systems - Guidance for organizations responding to the risk of fraud
ISO 37003

This document will provide guidance for use for establishing, developing, implementing, evaluating, maintaining and improving an effective anti-fraud management system. The guidance will be generic and applicable to all organizations, regardless of type, size and nature of activity, and whether in the public, private or not-for-profit sectors. The guidance will include: • creation and maintenance of a fraud risk recognition, tracking and monitoring environment within an organisation including proactive control systems, protocols and procedures; • mitigation of internal and external fraud against, and by, the organization; • detection of fraud in the event that pre-emptive counter-fraud strategies, protocols and procedures fail to identify and trace incidents; • effective response to fraud events so that - lessons are learned that can be applied to the mitigation framework, - reputational harm to the organisation can be minimised and restored, - funds lost to fraud can be recovered. This is a Type B management system standard.

  • Draft
    50 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    54 pages
    English language
    sale 15% off
  • Draft
    54 pages
    English language
    sale 15% off
SIST
kSIST ISO/FDIS 37303:2025(Main)
Compliance management systems - Guidelines for competence management
ISO/FDIS 37303

This document provides guidelines for the competence management and personnel development of compliance management in an organization to positively influence outcomes related to the effectiveness of compliance management system and the needs and expectations of relevant stakeholders. This document is applicable to compliance management competence management and personnel development in all organizations regardless of their type, size and nature of organizations. It does not add to, change or otherwise modify requirements for ISO 37301 or any other standards.

  • Draft
    24 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    19 pages
    English language
    sale 15% off
  • Draft
    19 pages
    English language
    sale 15% off