BS 31100:2008 pdf free.Risk management – Code of practice.Here is the part of the introduction:
Organizations of all types and sizes face a range of risks affecting the achievement of their objectives. While “risk” is commonly regarded as negative, risk management is as much about exploiting potential opportunities as preventing potential problems. It is important to bear this in mind whenever managing risk, and in reading this Code of Practice. Risk management is an essential part of good management.
Risk management has to continuously, systematically and proportionally address the risks surrounding an organization’s activities. It cannot be separated from the culture of the organization.
Risk management comprises a framework and process that enable an organization to manage uncertainty in a systemic, effective, efficient and systematic way from strategic, programme, project and operational perspectives, as well as supporting continual improvement. Risk management applies at all levels of an organization and to all activities (see Figure 1).
BS 31100 provides a guide to risk management principles, models, framework and processes. Its purpose is to assist organizations to achieve their objectives through effective risk management.
The risk management model presented in this standard provides at the core a framework and process on which to manage risks. The outer rings of Figure 2 contain the context in which the organization operates, the organization itself and the culture, with communication required at all levels.
BS 31100 provides a basis for understanding, developing, implementing and maintaining proportionate and effective risk management throughout an organization, in order to enhance the organization’s likelihood of achieving its objectives. This British Standard establishes the principles and terminology for risk management, and gives recommendations for the model, framework, process and implementation of risk management which are derived from experience and good practice.
NOTE 1 A glossary gives the definitions of the risk management terms most commonly used in this Standard, with the first instance of each term being highlighted in bold to indicate that it is included in the glossary. With some exceptions, the definitions in the glossary are consistent with those given in Working Draft 2 of ISO Guide 73 (1 April 2008).
The basic risk management principles (see Clause 2) are applicable to any organization, but the way they are implemented will vary accord ing to an organization’s nature, including size and complexity, and context.