Training objectives

The ISO 31000 Risk Manager training course helps participants acquire the knowledge and ability necessary to integrate the risk management guidelines of ISO 31000 in an organisation. It covers the risk management principles and their application, as well as the core elements of the risk management framework and the steps of a risk management process. In addition, it provides the basic approaches, methods, and practices for assessing risk in a wide range of situations. Upon completing the training course, you can sit for the exam and apply to obtain the “PECB Certified ISO 31000 Risk Manager” credential. The credential demonstrates your knowledge and ability to apply the risk management process in an organisation based on the guidelines of ISO 31000 and best practices.

Key Learning Outcomes

  • Understand the risk management concepts, approaches, methods, and techniques
  • Learn how to establish a risk management framework in the context of an organisation
  • Learn how to apply the ISO 31000 risk management process in an organisation
  • Understand the basic approaches, methods, and practices used to integrate risk management in an organisation


Day 1 – Introduction to ISO 31000 and risk management and establishing the risk management framework

  • Meet and greet
  • General information
  • Learning objectives
  • Educational approach
  • Examination and certification
  • About PECB
  • The economic and human impact of disasters
  • The evolving risk landscape 2015 – 2020
  • What is ISO?
  • Standard and methodology
  • ISO 31000, ISO/TR 31004, and IEC 31010
  • The history of ISO 31000
  • AS/NZS 4360, the predecessor of ISO 31000
  • Other risk assessment/management best practices
  • What does ISO 31000 mean for your organisation?
  • Who manages risks?
  • Definition of risk
  • Management, risk management, and managing risk
  • Risk and objectives
  • Uncertainty/opportunity/threat/event
  • Consequence/likelihood
  • Risk types
  • Risk management principles and their application
  • Purpose of the risk management framework
  • Risk management process according to ISO 31000
  • Risk management and risk assessment
  • Relationship between the risk management principles, framework, and process
  • Leadership and commitment
  • Integrating the risk management framework into an organisation
  • Designing the risk management framework
  • Implementing the risk management framework
  • Evaluating the risk management framework
  • Improving the risk management framework

Day 2 – Initiation of the risk management process and risk assessment based on ISO 31000

  • Define the scope
  • Define the objectives
  • Establish the context for the risk management process
  • Define risk criteria
  • Identification of risks
  • Identification of assets
  • Identification of risk sources
  • Investigation of the effectiveness of existing controls
  • Risk identification techniques
  • Selecting a risk analysis approach
  • Biases in risk analysis
  • Identifying consequences
  • Assessing the consequences
  • Expressing the magnitude of consequences
  • Analysing the likelihood
  • Determining the level of risk
  • Reviewing the risk analysis
  • Risk analysis techniques
  • Evaluating the levels of risk based on the risk evaluation criteria
  • Applying results to support decisions
  • Making decisions about the significance of risk
  • Evaluating the expected monetary value
  • Prioritising

Day 3 – Risk treatment, recording & reporting, monitoring & review, communication & consultation according to ISO 31000

  • Risk treatment options
  • Risk treatment plan
  • Evaluation of residual risk
  • Acceptable and unacceptable risk levels
  • Management of residual risk
  • Value of documented information
  • Types of documented information
  • Recording of risk
  • Recording and reporting the risk assessment outcomes
  • Risk registers
  • Controlling the records
  • Reporting the risk
  • Documenting the risk management process
  • Monitoring and review
  • Monitoring and reviewing the risk management framework
  • Accountability
  • Monitoring and reviewing the risk management process
  • Learning from experience
  • Performance indicators
  • Performance management
  • Communication and consultation
  • Communication process
  • The aim of the communication and consultation process
  • Communication tools
  • Risk communication types
  • Soft skills
  • Consultation process
  • Consultation methods
  • Risk escalation
  • PECB ISO 31000 certification scheme


Online Examination

The “PECB Certified ISO 31000 Risk Manager” exam complies with the requirements of the PECB Examination and Certification Program (ECP). The exam covers the following competency domains:

  • Domain 1: Fundamental principles and concepts of risk management
  • Domain 2: Establishing the risk management framework
  • Domain 3: Application of the risk management process

Having successfully passed the exam, you can apply for the respective credential. You will receive the certificate once you comply with all the requirements of this certification. Certification fees are included in the training price.

Price and Terms

The price covers:

  • Training course materials containing over 300 pages of information and practical examples
  • An attendance record of 21 CPD (Continuing Professional Development) credits
  • 2 vouchers to take the exam within a year