Risk Maturity Model

The concept of risk management maturity is introduced in ISO 31000

"The current management practices and processes of many organizations include components of risk management, and many organizations have already adopted a formal risk management process for particular types of risk or circumstances. In such cases, an organization can decide to carry out a critical review of its existing practices and processes in the light of this International Standard."
(Source : ISO 31000 Introduction)

"Organizations should develop and implement strategies to improve their risk management maturity alongside all other aspects of their organization."
(Source : Chapter 3 Principle K)

G31000 Risk Maturity Model helps organizations assess alignment to ISO 31000 principles and current maturity level and to develop a roadmap for continuous improvement

Why G31000 Risk Maturity Model?

Global Institute for Risk Management Standards is a network of over 65,000 risk management experts across the world, more than 1000 people has been ISO 31000 certified risk professionals.

G31000 Risk Management Maturity Model is the only globally recognized model that has been designed to closely align with the ISO 31000:2009 principles.

Focuses not on formal elements of risk management but on the integration of risk management into activities, decision making and culture.

Created by a global team with extensive knowledge in risk management and risk maturity models.

Endorsed by global organizations.

G31000 Risk Maturity Model structure

G31000 Risk Management Maturity Model is structured around the ISO 31000 principles.

Each of the 11 principles has a set of criteria to test current maturity and identify opportunities for improvement.

The overall scoring system is based on a detailed questionnaire linked directly to identified sub-components of all the principles and is mapped to a 3-level risk maturity scale.

Available for self-assessment or external validation, available in hard-copy or electronic.

Can be applied at any organizational, program, project or subsidiary levels.

Each of the 11 principles covers:

  • Detailed assessment criteria specifically designed for each principle.
  • List of documents to review.
  • List of stakeholders to interview.
  • Sample interview questions related to each principle.
  • Recommendations for the walkthrough.
  • Scoring criteria.
  • Worksheets for comments, maturity assessment and opportunities for improvement.
  • Compliance-driven
  • Structured
  • Integrated

Special promotional offer

Order today to receive a special promotional offer


Complimentary updates of the G31000 RMM for the next 3 years.

Electronic copy

Electronic copy of the G31000 RMM including the scoring model (Spreadsheet).

Hard copy

Hard copy of the G31000 RMM, including postage and handling.

Companies We Trained