ISO 31000 Compatibility

The objective of ISO 31000 is to provide guidelines on managing the risk faced by organizations. The standard can be customized to any organization and is not specific to any industry or sector. The most recent version of this standard is ISO 31000:2018.

Section 5.4.4 of the standard states that it is necessary to "ensure allocation of appropriate resources for risk management", including "tools to be used for managing risk." Risk Register by ProjectBalm is fully compatible with ISO 31000, and can be used to help ensure compliance with this standard.

ISO 31000 defines the Principles, Framework, and Process for managing risk. The Risk Register application supports the risk management Process, which is defined in section 6. The following specific steps are supported by the application:

  • Section 6.4.2 Risk identification is enabled by the creation of a risk within the application (Server or Cloud).
  • Section 6.4.3 Risk analysis is enabled by the definition of risk probability and impact for a risk within the application (Server or Cloud).
  • Section 6.4.4 Risk evaluation is enabled by the definition of a risk model in the application and the automatic calculation of the level of risk.

Documentation for these three activities can be found here - Server and Cloud.

  • Section 6.5 Risk treatment is enabled by the risk treatment fields in the application, including the ability to record mitigating actions.

Documentation for this activity can be found here - Server and Cloud.

  • Section 6.6 Monitoring and review is enabled by the risk register and risk matrix views

Documentation for this activity can be found here - Server and Cloud.