News & Commentary on ISO Management System Standards

    ISO 31010 is what you want, not just ISO 31000



    ISO 31010 has the Risk Management Tools you need

    ISO 31000 and ISO 31010 are two related risk management standards developed by the International Organization for Standardization (ISO). They provide guidelines and principles for effective risk management practices within organizations.

    However, they have very different purposes, and here are the key differences between ISO 31000 and ISO 31010.

    ISO 31000:2018 Risk Management Guidelines

    • ISO 31000 is the foundational standard for risk management. It provides a comprehensive framework and guidelines for risk management practices within organizations.
    • It offers a high-level overview of risk management principles, processes, and a risk management framework, making it suitable for organizations of all types and sizes.
    • ISO 31000 focuses on helping organizations identify, assess, treat, monitor, and communicate risks in a systematic and structured way.
    • The standard emphasizes integrating risk management into an organization's governance and decision-making processes.
    • It serves as the umbrella standard for risk management and provides the context and principles organizations can use to develop their policies and procedures.

    ISO 31010:2019 Risk Management – Risk Assessment Techniques

    • ISO 31010 is a complementary standard to ISO 31000. It guides the selection and application of risk assessment techniques.
    • While ISO 31000 sets the framework and principles for risk management, ISO 31010 delves into the practical methods and techniques organizations can use to assess and evaluate risks.
    • This standard offers a wide range of risk assessment techniques, such as quantitative, qualitative, and semi-quantitative methods. It provides guidance on choosing the appropriate methods based on the context and objectives of risk assessment.
    • This standard helps organizations tailor their risk assessment processes to suit their specific needs and risk management goals.
    • ISO 31010 assists in implementing the risk management principles outlined in ISO 31000 by offering a toolbox of risk identification, analysis, and evaluation tools.

    In summary, ISO 31000 is the overarching standard that provides a framework for risk management (the theory), while ISO 31010 offers guidance on the practical techniques and methods for conducting risk assessments (the practice).

    ISO 31010 Risk Management Courses

    deGRANDSON Risk Management Courses include content from both standards. The main focus, however, is on the practical application, with examples, of the multiple techniques to resolve a myriad of common business problems and opportunities.

    We have Courses at the Foundation, Advanced, and Expert Levels.

    deGRANDSON Global is an ISO Certified Educational Organization

    In October 2021, we secured certification to three education-related ISO Standards. We now have a university-grade management system in place conforming to the requirements of …

    • ISO 21001, Educational Organizational Management System,
    • ISO 29993, Learning Services outside formal Education, and
    • ISO 29994, Learning Services – additional requirements for Distance Learning.

    We have chosen ISO 21001 certification because it is based on independent third-party assessment, unlike IRCA and Exemplar badges (which we believe are commercially compromised). It is a ‘university grade’ standard in use globally by schools, colleges, and universities to demonstrate their competence.


    Written by Dr John FitzGerald

    Director & Founder of deGRANDSON Global. Spent 15 years in the manufacturing industry and 25 years training, consulting & auditing management systems