Linda,
ISO 31000:2009 is a worthwhile document and standard. It is close to the AUS/NZ 4360 risk management standard, which I previously used as a base to develop risk management programs. We are now using ISO 31000 as the foundation for our supply chain risk management program. The standard provides a pragmatic, practical approach to risk management.
It would be worthwhile to also obtain the companion documents ISO Guide 73:2009 Risk management vocabulary, and IEC/ISO 31010:2009 Risk management - risk assessment techniques.
Recognize that the standard is only a framework for risk management. Each company must tailor the details of a risk management program to meet the company's business environment, organizational structure and culture.
-------------------------------------------
John Brown
Director, Risk Management, Supply Chain Development
The Coca-Cola Company
Atlanta GA
United States
jbrown3@na.ko.com -------------------------------------------