ISO 31000:2018 Enterprise Risk Management

What is ISO 31000: Enterprise Risk Management?
International Organization for Standardization (ISO) developed ISO 31000 as its risk management guideline for its management system standards. More than 60 countries have adopted ISO 31000 as their national risk management standard. ISO 31000: Enterprise Risk Management is the first book to address: ISO Enterprise Risk Management. More

Available ebook formats: epub

About Greg Hutchins

Greg Hutchins is the founder of,,,, and other startups. Greg Hutchins is the risk evangelist who coined the expression Future of Quality: Risk®. He can be contacted at

Greg Hutchins PE CERM is also the principal professional engineer Quality + Engineering - international supply and quality management firm. He has written best selling books on global ISO standards and risk management. Greg is the author of ISO 9000 (best selling translated into 8 languages published through John Wiley), Value Added Auditing, ISO 31000: Enterprise Risk Management, ISO Risk Based Thinking, Risk Based Thinking, Supply Management Strategies (APICS, ISM, ASQ endorsed and used in certifications), and Standard Manual of Quality Auditing and more than a dozen article international books.

Several Hutchins’ books include:

Supply Chain Risk Management:Competing In the Age of Disruption
ISO 31000:2018 Enterprise Risk Management
Risk Based Thinking
Risk Based Auditing:Using ISO 19011:2018
Supply Management Strategies:3rd Edition
Value Added Auditing:4th Edition
Factory and Sourcing Checklists
Operational Excellence Handbook:An Enterprise Approach

Q+E is the designer and developer of Certified Enterprise Risk Manager® (CERM), CERM Cyber™ certificate, and best selling ISO and ERM books. Q+E has deep domain expertise in ISO 31000, ISO 27001, and NIST 800’s.

Q+E designed CERM based on its security IP including Critical Infrastructure Protection: Forensics, Assurance, Analytics®; Value Added Auditing™; Certified Enterprise Risk Manager®; Future of Quality: Risk®; CERM: Risk Based, Problem Solving | Risk Based, Decision Making®; etc. Q+E has been certified by the Department of Homeland Security for Critical Infrastructure Protection: Forensics, Assurance, Analytics®.

Q+E has conducted the following Critical Infrastructure Protection (CIP) risk assessments:

• Analytical. Q+E engineers and scientists conduct analytical analyses following Q+E protocols evaluating business continuity, cyber security, and physical security systems against IEEE, NFPA, ISA, PMI, ISO, NIST, COSO, NERC, DIACAP, FISMA, and ASIS standards.
• Assurance. Q+E offers the client three levels of assurance:
o Compliance. Q+E conducts a compliance audit against appropriate standards and guidance.
o Assurance with opinion. Q+E issues an opinion based on the results of a governance, risk, and compliance (GRC) audit or ERM controls assessment.
o Assurance with insurance coverage. Q+E conducts an audit and provides the requisite level of due diligence for the auditee to be covered.
• Forensics. Q+E provides the above levels of assurance as well as supplies a letter to the regulatory authority averring compliance that criteria have been met.

Learn more about Greg Hutchins

Also by This Author


This book has not yet been reviewed.
Report this book