ISO 31000:2018 Risk Management Checklist
This simple, single-source ISO 31000:2018 checklist can be used to effectively manage the risks that your organization faces. This 71-step checklist provides a list of all stages of ISO 31000 execution, which you can use to account for the risk management components required for a successful ISO 31000 audit. Answer each checklist item with “Done,” “To Do,” or “N/A,” and include relevant notes for each. This reusable checklist is available in Microsoft Word and PDF as an individual ISO 31000:2018 risk management template, and as a Google Docs template that you can save to your Google Drive account and share with others.
Download ISO 31000:2018 Risk Management Checklist Template
ISO 31000 Risk Management Plan Template
This ISO 31000 risk management plan template can help you to identify the risks and impact on any given project, as per the ISO 31000 risk management standards. The template can be further used to assess risk likelihood and the degree of seriousness of each identified risk on the template. You can also define effective mitigation strategies and assign risk management tasks to personnel, as well as fill in the full name and signature of the risk management plan’s project manager at the bottom of the document.
Download ISO 31000 - Risk Management Plan Template
ISO 31000 Risk Assessment Template
Proactively assess risks with this easy-to-fill ISO 31000 risk assessment template. The template can be used as a step-by-step guide to assess risk likelihood and degree of seriousness. Identify risks and hazards, assign a severity rating, and add notes regarding risk likelihood. Use the space at the bottom of the template to add the full name and signature of the risk management plan’s project manager.
Review our collection of risk assessment forms for more templates.
Download ISO 31000 - Risk Assessment Template
ISO 31000 Hazard Identification Template
This hazard identification template can be used to record hazards and their impact on any given project, as per the ISO 31000 risk management standard. This template helps you assess hazard likelihood and degree of seriousness. Assign tasks to resolve urgent risks, and enter relevant comments for each risk management item to complete the risk assessment. The hazard identification process inspector can also add their name and signature at the end of the document.
Download ISO 31000 Hazard Identification Template
ISO Risk Register Template
The ISO risk register template can be used to determine potential vulnerabilities in your organization’s risk assessment practices. You’ll find columns for risk ID number, risk description, process, step, impact description, and impact level. Rank the probability level, assign a priority level, and note whether a process step can eliminate the risk, what controls already exist that might address the risk, the mitigation or control strategy, and the owner.
For more free risk register templates, see “Download Free Risk Register Templates.”
Download ISO Risk Register Template
General Risk Templates to Aid in ISO 310000 Compliance
Risk assessment and mitigation are essential activities for any organization, regardless of whether or not you are pursuing ISO 31000 compliance. The following templates — a simple safety risk register template, an internal audit risk register template, and a business risk assessment matrix — provide columns to note standards and compliance information, a description of each potential risk, and impact, probability, and mitigation details. Using these templates can help you to identify, plan for, and protect your organization against risks and hazards so you will be better equipped to handle any crises that arise. Additionally, you can use the information gained from these templates to work toward ISO 310000 compliance.
For more free risk assessment forms, see “Free Risk Assessment Form Templates and Samples.” Or, to find more free risk assessment matrix templates, see “Download Free, Customizable Risk Matrix Templates.”
Simple Safety Risk Register Template
Download Simple Safety Risk Register Template
Microsoft Excel | Google Sheets | Smartsheet
Internal Audit Risk Register Template
Download Internal Audit Risk Register Template
Microsoft Excel | Google Sheets | Smartsheet
Business Risk Assessment Matrix Template
Download Business Risk Assessment Matrix Template
What Is ISO 31000 Risk Management?
The ISO 31000 standard provides a framework of universally recognized principles and step-by-step best practices for risk management. Any organization can use the standard to anticipate and mitigate risks, and you can customize the standard for any industry.
By following ISO 31000 risk management guidelines, organizations can effectively manage risk. To adhere to the standards, you need the right tools to ensure that the multiple, preventative steps of the ISO 31000 implementation cycle run smoothly — from identifying potential risks to creating mitigation plans in order to minimize risk for full ISO 31000 compliance.
ISO 31000 provides the following steps for how to deal with risk management:
- Identify and avoid the risk by determining not to implement or continue the activity that gives rise to the risk.
- Minimize (or entirely remove) the source of the risk.
- Determine the likelihood of the risk and make alternate decisions to avoid it.
- Address the likelihood, and change the consequences of the risk.
- Share the risk with stakeholders or other parties (e.g., partners and financing) to determine how to mitigate it.
- Create a proactive step-by-step risk mitigation framework process to minimize or eliminate the consequences of the risk.
Read our guide to risk management certification to learn more about becoming ISO 31000 certified.
What Is in the Updated ISO 31000:2018?
The ISO 31000 risk management standards were revised in 2018. The four primary updates in the ISO 31000:2018 revised standard are as follows:
- Review and revise the primary principles of risk management to clearly identify your criteria for success.
- Proactively involve key top management and other stakeholders for buy-in to address risk management processes and ensure that these processes and practices are integrated into organization-wide actions.
- Emphasize the iterative steps of risk management, and apply updated experiences, developments, and analysis of the process elements, steps, and controls at each stage of the risk management process.
- Streamline risk management content with a focus on a scalable, open systems model that incorporates the needs and contexts of any organization.
The ISO 31000:2018 standard also incorporates the use of a “risk management framework,” which provides an adaptable list of standards. Organizations can use the framework to design, implement, manage, review, and perpetually improve their risk management practices.
Monitor ISO 31000 Standards and Compliance with Real-Time Work Management in Smartsheet
Empower your people to go above and beyond with a flexible platform designed to match the needs of your team — and adapt as those needs change.
The Smartsheet platform makes it easy to plan, capture, manage, and report on work from anywhere, helping your team be more effective and get more done. Report on key metrics and get real-time visibility into work as it happens with roll-up reports, dashboards, and automated workflows built to keep your team connected and informed.
When teams have clarity into the work getting done, there’s no telling how much more they can accomplish in the same amount of time. Try Smartsheet for free, today.
Any articles, templates, or information provided by Smartsheet on the website are for reference only. While we strive to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability, or availability with respect to the website or the information, articles, templates, or related graphics contained on the website. Any reliance you place on such information is therefore strictly at your own risk.
These templates are provided as samples only. These templates are in no way meant as legal or compliance advice. Users of these templates must determine what information is necessary and needed to accomplish their objectives.