ISO 31000 risk management principles and guidelines are the preferred standard to use with ISO 9001:2015.  ISO 31000 is ERM light.  We advocate the use of ISO 31000 with ISO 9001:2015 for smaller organizations because it:

• Is a risk management framework.  ISO 31000 has all the critical elements of a framework, including a focus on culture, risk philosophy, risk definitions, common risk approach, common risk processes, defined roles and responsibilities, importance of accountability, risk competencies, risk appetite, and risk tolerance of the organization. Continue reading →