Risk management standards

ISO 31000 has been the benchmark for risk management since its publication in 2009. This voluntary international standard was revised in 2018 to align more closely with the expectations of its users, in particular corporate risk managers. It defines risk as “the effect of uncertainty on objectives”, thus emphasizing the effect that incomplete knowledge of events or circumstances has on decision-making within an organization.

For a company, the risks are many: brand damage, industrial accidents, pollution, ethical lapses, occupational health and safety incidents, non-compliance or non-quality, etc. Each of them, alone or in combination, raises the question of economic risk: a company that neglects pollution risks sees its reputation tarnished, its customers turn away, and ultimately its sales dwindle.

In this sense, risk management is strategic, and the purchasing department needs to keep this in mind. ISO 31000 is a great help here: it provides guidelines for organizing risk management internally and for asking the right questions.