ISO 31000

An international standard for risk management published by the International Organization for Standardization. It provides principles, framework, and process guidance for managing risk in any organization regardless of size, activity, or sector. ISO 31000 defines risk as "the effect of uncertainty on objectives" and emphasizes that risk management should be integrated with organizational governance and decision-making processes. While ISO 31000 notably lacks explicit treatment of risk appetite, its process-oriented approach has significantly influenced RBPM development.