Skip main navigation
You are at: Home>Certification>Risks and safety>Risk management
Risk Management System EA 31
Certification of Risk Management

Risk Management System EA 31

Strategic and Global Risk Management Turning risk into an opportunity

The context surrounding organisations is increasingly complex and the demands of the stakeholder groups are increasingly greater: quality of products and services, environmental protection, operational, financial and regulatory risks, cost management, social responsibility, good governance, crime prevention, health and safety of employees, among others.

The AENOR EA31 specification establishes the requirements to define, implement, maintain and improve a Risk Management System. It focuses on corporate risk and allows companies to move forward in the management of other more specific risks, such as those of an operational, legal, financial and strategic nature.

The proposed Risk Management System not only responds to the guidelines of the Standard ISO 31000 and nature of the risk, but rather it also deals with the risks by considering the response to a potential or real incident, as well as the planning of recovery actions when facing an event that could result in an interruption to an organisation's activity.

Appropriate Risk Management enables organisations:

  • Improvement and reduction of reputation risks or those of an operational or strategic nature, etc. for the organisation.
  • It contributes confidence to the market and it provides security to the governing bodies of an organisation.
  • It reduces uncertainty and optimises results and resources.
  • It helps them to be ready to provide a response to crisis situations, reduce their consequences and restore normality to the main activities in the shortest possible time, so that the continuity of the organisation is not compromised.
  • Organisations that are more aware of reality achieve an improvement when making decisions by systematising them and carrying them out according to the best available information.

The Risk Management System, according to the specification EA31, is applicable to any organisation regardless of its size, activity, type of risks and location.

Given that it is a management system based on the cycle of continual improvement, it constitutes a tool that is compatible and integrable with other recognised management systems, such as ISO 9001, ISO 14001, ​ ISO45001 or any other system based on the PDCA cycle and continuous improvement.

Once it passes the certification process, the organisation obtains:

  • The Certification of Risk Management Systems,
  • The AENOR Mark Risk Management user license according to EA31.
AENOR Mark of Risk management EA 31

AENOR Mark Risk Management EA 31


Since 2013 AENOR has certified Risk Management in accordance with EA 31. Aguas de Valencia and Aguas de Málaga were the first companies to obtain the risk management certificate from AENOR.

Would you like more information?

Risk Management Certification

Finger pointing at a digital screen