This standard can be applied throughout the life of an organization and to a wide range of activities, including strategies and decisions, operations, processes, functions, projects, products, services and assets. In addition, this standard can be applied to any type of risk, whatever its nature, whether having positive or negative consequences.
It is intended that this standard be utilized to harmonize risk management processes in existing and future standards. It provides a common approach in support of standards dealing with specific risks and/or sectors and does not replace those standards. This standard is not intended for the purpose of certification.