ISO 9001 Risk Management

The ISO 9001 Risk Management Course frames the interaction between quality management and risk management, clarifying how risk-based thinking in ISO 9001 translates into decisions, controls and operational prioritisation. The training supports the integration of risk into QMS processes, reinforcing prevention, consistency and continuous improvement.

Upcoming dates

Public dates on the website.
Synchronous, live training. Interaction with the trainer and the group.

  • 10 July 2026, Live Online (next edition)
  • 25 September 2026, Live Online (base price)
Duration: 2 days / 16h
Language: available in Portuguese or English
Training: practical and case-study based
Exam: 1 hour
PROFESSIONAL LEVEL — practical application of methods in a professional context

Why this course exists

To clarify and operationalise risk-based thinking in ISO 9001, integrating risk management into QMS processes with method and evidence.

In many organisations, risk is “implicit” in quality management, but fails at critical points: consistent criteria, prioritisation, risk treatment, evidence and integration with the improvement cycle.

This course structures the link between ISO 9001 and risk management — supported by ISO 31000 and related standards — so that quality risk stops being intuition and becomes traceable decision-making.

What this course enables you to do

Integrate risk into the QMS

Apply ISO 9001 risk-based thinking to QMS processes, aligning prevention, control and continuous improvement.

Structure assessment and treatment

Implement a risk management process to identify, analyse, evaluate and treat quality risks.

Create communication and records

Strengthen communication, consultation, monitoring, review and recording of risk, ensuring auditable evidence.

Apply through exercises and case study

Consolidate knowledge with practical exercises supported by a case study, focused on operational decisions.

Frameworks, models and structures addressed throughout the course

ISO 9001 — Risk-based thinking
ISO 31000 — Risk management principles and process
IEC 31010 — Risk assessment techniques — overview and framing
Context, risk assessment and risk treatment
Communication, consultation, monitoring and review
Recording and traceability — risk evidence in the QMS
Practical exercises supported by a case study

Value for the organisation

  • Integration of risk into the QMS with clear criteria, reducing ambiguity in decision-making.
  • Greater ability to prevent failures, reduce rework and reinforce operational consistency.
  • Strengthened evidence and traceability, useful in internal/external audits and maturity assessment.
  • Greater alignment between processes, control and continuous improvement, with a focus on results.

Introduction

The ISO 9001 Risk Manager course is based on the international standard ISO 9001 and follows a practical approach supported by a case study, where participants are invited to apply risk-based thinking and the relevant requirements of the Quality Management System (QMS) in a real scenario.

The course prepares participants to integrate risk management into QMS processes, reinforcing prevention, operational consistency and continuous improvement. It provides an applied basis on risk management concepts, principles and best practices, oriented towards decision-making and the creation of traceable evidence.

As participants progress through the course topics, relevant supporting standards and references are framed, including, among others, ISO 31000 — risk management principles and process — and IEC 31010 — risk assessment techniques — as well as additional references applicable to the quality, risk and organisational conformity context.

This course prepares participants for the ISO 9001 Risk Manager personal certification.

This Training Plan and all associated documents are protected by Copyright and registered as a literary work with IGAC.

General Objectives

At the end of the course, participants should be able to:

  • Identify the main concepts of quality management and quality risk management within the context of ISO 9001.
  • Understand and apply the risk-based thinking approach within the QMS.
  • Know the stages of risk management based on ISO 31000 and understand its integration with ISO 9001.
  • Apply the risk management process to identify, analyse, evaluate and treat quality risks.
  • Apply good practices for risk communication, consultation, monitoring, review and recording within the QMS context.

Target Audience

  • Risk Managers, quality management consultants, management representatives and risk professionals involved in ISO 31000-based frameworks.
  • Executives and senior managers responsible for ensuring alignment and value delivery from risk management to the organisation.
  • Specialists responsible for Risk Management, Compliance and/or Legal.
  • Professionals involved in the planning, implementation, operation and/or continuous improvement of a QMS and a Risk Management Framework.
  • Professionals who wish to acquire knowledge to integrate risk management into a QMS based on ISO 9001 and ISO 31000.

Prerequisites

There are no mandatory formal prerequisites. However, knowledge of ISO 9001 is recommended. Other specific requirements may apply, where relevant, depending on the quotation or proposal presented.

Programme

Contents
  1. Introduction to the course
  2. Review of ISO 9001 requirements
  3. Risk management fundamentals
  4. Risk-based thinking in ISO 9001
  5. Risk management based on ISO 31000 and related standards
  6. Context, risk assessment and risk treatment
  7. Communication, consultation, monitoring, review and recording of quality risk

Exam(s) and Certification

Exam “ISO 9001 Risk Manager”

The exam covers the following competence domains:

  • Domain 1: ISO 9001 requirements relevant to risk-based thinking
  • Domain 2: Risk management fundamentals and ISO 31000-based process
  • Domain 3: Integration of risk into the QMS: assessment, treatment, evidence, monitoring and improvement

Language(s): Portuguese and English.
Duration: 1 hour.
Format: Multiple choice.
Number of questions: 40 questions.
Pass mark: 260/400 points.
Results: Pass or Fail.
Issuing entity: Behaviour (legal entity), through its certification service Behaviour Certification Services.
Retake: 1 free retake within a maximum period of 12 months after the date of the initial exam.

Certification

After successfully completing the exam and accepting or signing the applicable agreement and Code of Ethics, the candidate obtains the ISO 9001 Risk Manager credential, issued by Behaviour (legal entity), through its certification service Behaviour Certification Services.

Behaviour® professional certification — proprietary scheme — with international recognition in the market. The scheme is designed and operated based on best practices for certification of persons, principles of impartiality and exam quality, and applicable international references, including the principles of ISO/IEC 17024.

A Certificate and a Digital Certification Badge will be issued to participants who successfully complete the certification exam and satisfy all requirements of the certification for which they are applying.

Certification programmes are valid only for individuals, and the award and maintenance of certification depend on the exam result, professional experience and compliance with the applicable agreement and Code of Ethics.

If the professional does not comply with the agreement or the Code of Ethics, the certification is not granted or is revoked.

Other Information

General Information
  • Training available in Portuguese or English.
  • Online training materials available in Portuguese or English, with online access, in accordance with the awarded conditions.
  • Behaviour digital Training Attendance Certificate with 16 CPD/CPE credits.
  • Online Certification Exam, in Portuguese or English. The exam may be taken up to 2 months from the course start date.
  • If the candidate does not pass the exam, they are entitled to one free retake within a maximum period of 2 months from the release date of the initial exam result.
  • Digital Certification Diploma and Digital Certification Badge after passing the exam and completing the application process. This process has no associated cost.
Trainer(s)
Our specialists are consultants and auditors with experience in implementation, auditing and training in risk management, with particular focus on ISO 31000, IEC 31010 and risk integration into management systems.

Benefits

  • Practical understanding of risk-based thinking in ISO 9001 and its impact on processes, controls and evidence.
  • Reinforced capability to structure quality risk management based on ISO 31000, with integration into the QMS.
  • Improved consistency in the identification, assessment and treatment of risks, with a focus on prevention and continuous improvement.
  • Strengthened traceability and evidence useful for audits and internal governance.

Logistics

Useful information
  • Live Online (synchronous time): 09h30–13h00 and 14h00–17h30 (Lisbon time), with short breaks
  • Classroom (synchronous time): 09h30–13h00 and 14h00–17h30 (Lisbon time), with short breaks
  • 14 hours of synchronous training, distributed across 2 consecutive days
  • Estimated 2 hours of guided autonomous work, intended for content consolidation and exam preparation, carried out flexibly outside synchronous sessions
  • Requirements: computer with stable internet, updated browser, PDF reader and audio/video
Hotels in Lisbon

Find out where you can stay in Lisbon, near Behaviour, for classroom training.

Frequently Asked Questions

Objective answers to the most common questions about the ISO 9001 Risk Manager course.

Is this course only for professionals working in Quality?
No. It is suitable for Quality professionals and also for Risk Management, Compliance and management profiles, where there is a need to integrate risk into QMS processes and create traceable evidence.

What does “risk-based thinking” mean in ISO 9001?
It is the approach that requires risk and opportunity to be considered when planning and operating the QMS, translating into criteria, controls, prioritisation and risk treatment actions aligned with objectives and processes.

Do I need to know ISO 31000 to follow the course?
No. The course presents the risk management process based on ISO 31000 and shows how to integrate it with ISO 9001, through guided exercises.

What practical output can I expect from the course?
An operational understanding of how to integrate risk into the QMS and apply the risk management process to quality, supported by exercises and a case study, with a focus on decision-making, evidence and continuous improvement.

For general questions about registration, delivery modes, exams, certification and recertification, please consult the BEHAVIOUR® FAQs.

Registration

Complete the form to request your registration for the preferred edition. Check the upcoming dates.


Request more information

If you would like help to frame the course within your professional or organisational context, contact us and we will indicate the most suitable path.


Companies: request a proposal

For team registrations, we provide volume conditions and a proposal tailored to the organisational need.


This course can be attended by individual professionals. It may also be integrated into capability-building paths for teams that need to apply risk-based thinking within the context of ISO 9001.