ISO 31000 Lead Auditor

This course enables certified ISO 31000 risk professionals to learn the skills and techniques required to conduct in-depth maturity assessments, reviews and audits against the principles of ISO 31000.

The course is structured around the exclusive G31000 risk management maturity model, the only ISO 31000 principles-based risk maturity model. The G31000 RMM helps organizations assess their alignment with the ISO 31000 principles and their current maturity level, and develop a roadmap for continuous improvement.

The course covers the purpose of risk management and a detailed analysis of each of the eight (8) principles proposed in the ISO 31000:2018 risk management standard, including a set of criteria to test current maturity and identify opportunities for improvement.

Learning Objectives


Understand the practical application of each of the eight (8) ISO 31000 principles.


Learn what to evaluate, and how, when assessing an organization's risk management program and structure.


Apply assessment criteria, checklists, gap analysis and sample tools to test maturity against the ISO 31000 principles as an in-house risk auditor or an external consultant.


Develop practical roadmaps to build and improve risk management maturity.

Course Agenda


Day 1

Understanding ISO 31000 principles and model structure

  • About G31000 risk management maturity model (RMM)
  • G31000 RMM structure and application
  • Step A: Purpose of risk management: create and protect value during decision-making
  • Step B: Data gathering and validation on the following principles:
    • Risk management is an Integral part of all organizational processes
    • Risk management is Structured and comprehensive
    • Risk management is Customized to context, risk profile and objectives
    • Risk management is Transparent, inclusive and timely
    • Risk management is Dynamic, iterative and responsive to change


Day 2

Applying the G31000 risk management maturity model

  • Data gathering and validation on the following principles:
    • Risk management is based on the Best available information
    • Risk management takes into account Human and cultural factors
    • Risk management is Continually improved through learning and experience.
  • Step C: Developing road maps based on the G31000 risk management maturity model
  • Step D: Calculating the overall risk maturity level.


Day 3

Afternoon: Overall review and examination

  • Exam on the use of the G31000 Risk Maturity Model (duration: 2 hours)
  • Information regarding the validation procedure to become "Certified ISO 31000 Lead Auditor"


Only C31000 certified ISO 31000 risk professionals are allowed to take this course, since attendees should have a good knowledge and understanding of the ISO 31000 risk management standard before the course, especially the vocabulary, the principles, the framework and the process proposed in the ISO 31000 standard.

The ISO 31000:2018 standard - Risk management - Principles and guidelines can be purchased on the ISO website:

ISO 31000:2018 - Risk management — Principles and guidelines

Exam & Certifications

The exam to become Approved ISO 31000 Lead Auditor meets the requirements of the ISO/IEC 17024 standard, designed to harmonize the certification process of personnel worldwide.

The exam covers the following competence domains:

  • Purpose of risk management based on the ISO 31000 standard
  • Eight (8) principles of risk management
  • Data gathering and validation
  • Roadmap development and recommendations


Examination Hours


Multiple Choice Questions
