Risk Management Principles and Guidelines

AS/NZS ISO 31000:2009 Risk management - Principles and guidelines

What is AS/NZS ISO 31000:2009?

The AS/NZS ISO 31000:2009 standard provides the internationally accepted basis for best practice risk management. The standard is non-prescriptive or generic in its application which provides a methodology of managing risk which is applicable for all types of organisations including governments.

In addition to the standard there is an international guide: ISO Guide 73:2009, which provides the basic vocabulary that is designed to develop a common understanding of risk management concepts.


The first Australian and New Zealand Risk Management Standard AS/NZS 4360 was released in 1995 and updated in 1999 and 2004 respectively. This standard was increasingly adopted and translated by other countries.

In 2005 an international working group was established to produce an international standard of risk management which built upon the already successful foundation of the AS/NZS 4360 document. The core risk identification and treatment process elements within AS/NZS 4360, the process, remain unchanged. The new standard (AS/NZS ISO 31000:2009) now provides explicit guidance on risk management principles and a risk management framework that were not as obvious in the previous document.

Components of the 31000 standard

AS/NZS ISO 31000:2009 is separated into three core areas:

The diagram below shows the relationship between the principles, framework and process for managing risk and has been reproduced from the AS/NZS ISO 31000:2009 standard.

diagram of relationships from the AS/NZS ISO 31000:2009 standard

Print a copy of the ISO 31000:2009 standard

ACT Government officers can obtain a (paper) copy of the 31000 standard by contacting the Library on ext. 50395. Have the name of your closest network printer available.

Non-ACT Government officers can purchase a copy of the 31000 standard from Standards Australia.

The ACT Government is committed to improving the accessibility of web content. If, however, you experience problems accessing the information or functions in any uploaded PDF or Word document, please contact the ACTIA Officer Manager. We will endeavour to fix the problem or provide the information in an alternative format.