This handbook expands and provides context to the clauses in ISO 31000. It pro¬vides advice regarding introducing and implementing risk management, including how to create and protect value for stakeholders. The handbook demonstrates how to:
• Use the principles of effective and efficient risk management in the way risk is managed;
• Develop a plan for integrating risk into an organization’s existing arrangements;
• Understand how organizational culture influences the design and implementation of risk management;
• Confirm that the need for effective risk management is considered when changes affect the organization;
• Apply the risk management process to identify, analyse, evaluate, and where required, to treat risk;
• Communicate and consult with stakeholders;
• Monitor and review the risk management plan and process; and
• Continually improve based on context and lessons learned.
As with ISO 31000, this handbook can be used to manage risk in all types of organizations. It applies to an organization, and to its activi¬ties. It applies to organizations that are considering implementing ISO 31000 or seeking improvement of existing risk management.