ISO/IEC 31010

ISO/IEC 31010 is a standard concerning risk management codified by The International Organization for Standardization and The International Electrotechnical Commission (IEC). The full name of the standard is ISO.IEC 31010:2019 – Risk management – Risk assessment techniques.

Risk assessment steps

  • identifying the risk and the reason for its occurrence
  • identifying the consequences if the risk occurs
  • identifying the probability of the risk occurring once more
  • identifying factors that reduce the consequences or probability of the risk

Scope

The ISO 31010 standard supports the ISO 31000 standard. It supplies information as to the selection and application of risk assessment techniques.

Risk assessment and the risk management process

Risk assessment is part of the core elements of risk management defined in ISO 31000, which are:

  • communication and consultation
  • establishing the context
  • risk assessment (risk identification, risk analysis, risk evaluation)
  • risk treatment
  • monitoring and review

"Risk assessment is the overall process of risk identification, risk analysis and risk evaluation" (ISO 31010)

Risk can be assessed at any level of the company’s operations or goals.

Risk assessment techniques

There are 31 risk assessment techniques listed on Annex B of ISO/IEC 31010.

  1. Brainstorming
  2. Structured or semi-structured interviews
  3. Delphi method
  4. Checklist
  5. Preliminary hazard analysis (PHA)
  6. Hazard and operability study (HAZOP)
  7. Hazard analysis and critical control points (HACCP)
  8. Toxicity assessment
  9. Structured What If Technique (SWIFT)
  10. Scenario analysis
  11. Business impact analysis
  12. Root cause analysis
  13. Failure mode and effects analysis (FMEA)
  14. Fault tree analysis
  15. Event tree analysis
  16. Cause and consequence analysis
  17. Cause-and-effect analysis
  18. Layer protection analysis (LOPA)
  19. Decision tree
  20. Human reliability analysis (HRA)
  21. Bow tie analysis
  22. Reliability centered maintenance
  23. Sneak circuit analysis
  24. Markov analysis
  25. Monte Carlo simulation
  26. Bayesian statistics and Bayes nets
  27. FN curve
  28. Risk index
  29. Risk Matrix
  30. Cost/benefit analysis
  31. Multi-criteria decision analysis (MCDA)

References