Risk Management

ISO 31000 vs IEC 31010 vs Bow-Tie: Which One Fits Executive Risk Governance?

ISO 31000 sets the rules, IEC 31010 helps choose the method, and Bow-Tie only works well after the decision is already clear.


Key takeaways

  1. Start with ISO 31000 when the problem is governance, ownership, or risk criteria, because technique choice comes later.
  2. Use IEC 31010 when the team knows the question and needs the best method for that question, not a generic tool.
  3. Use Bow-Tie when the scenario is clear and the team needs barrier logic, escalation, and field proof.
  4. Do not let a diagram replace a decision, because picture quality does not control exposure.
  5. If your team needs help sequencing risk work, Andreza Araujo and ACS Global Ventures can anchor the conversation.

Risk governance fails when leaders ask which tool to use before they agree on the decision they need to make. Across 25+ years leading EHS at multinationals, Andreza Araujo has seen teams reach for a diagram, a workshop, or a catalog of methods while the real gap sat one level above them because no one had defined the decision, the owner, or the evidence needed to act. That is why ISO 31000, IEC 31010, and Bow-Tie should be compared as separate layers rather than as rivals.

As Andreza Araujo argues in The Illusion of Compliance, a document can look right while the field is wrong. That warning matters here because a polished model does not reduce risk unless it changes who decides, what gets checked, and how the work is stopped when the control is weak.

Why this comparison matters when the decision has consequences

The common market habit is to start with the visual tool because it feels concrete. That habit fails when executives need to govern exposure, because the person who selects the method often receives praise for being rigorous while the organization still has no shared rule for what is intolerable, what can be accepted temporarily, and what must be escalated.

In more than 250 cultural transformation projects supported by Andreza Araujo's team, the faster wins happened when leaders separated governance from technique. They first defined the decision, then chose the method, and only then asked the field to provide evidence, which is why risk work moved faster and with less theater.

What each one is built to do

ISO 31000 is the governance layer. It tells the organization to set context, decide criteria, assign ownership, treat risk, and review the result. IEC 31010 sits one level below it, because it catalogues assessment techniques and helps you choose the one that matches the question. Bow-Tie is narrower again, since it turns a scenario into a visual chain of barriers, top event, and escalation path.

The wrong way to use them is to pretend they compete. They do not. ISO 31000 gives the operating rules for the conversation, IEC 31010 helps select the analytic method, and Bow-Tie helps people see whether the barrier logic still holds when production pressure rises.

| Tool | Main job | Best user | What it does not do |
| --- | --- | --- | --- |
| ISO 31000 | Set principles, context, criteria, ownership, review | Board and executive team | It does not choose the technique for you |
| IEC 31010 | Help choose the assessment method | EHS, risk, engineering | It does not set risk appetite |
| Bow-Tie | Show hazards, barriers, and escalation | Operations and field leaders | It does not replace governance |

Why ISO 31000 belongs first

When an executive team cannot say which risks are acceptable, which require treatment, and which can only proceed under temporary exception, the work is not ready for a technique catalog. ISO 31000 belongs first because it forces the conversation about context and criteria before anyone draws a picture.

That is also where The Illusion of Compliance matters, because a clean file can hide a weak field, and the organization needs criteria before it needs a diagram. A board that asks for Bow-Tie before it sets risk appetite is often looking for comfort, not clarity, which leaves the more basic question of who can stop work unanswered.

Why IEC 31010 belongs second

Once the decision is defined, IEC 31010 is useful because it stops teams from using the same method for every question. A process change, a contractor mobilization, and a stored-energy problem do not need the same technique, and the catalog helps the team choose between workshops, scenario analysis, and deeper studies.

This is the point where the article on risk assessment techniques becomes a useful companion, because the catalog only helps when the reader knows how the families differ in scope, speed, and depth. If the team already knows the question and the time available, IEC 31010 saves them from forcing one method onto every risk.

Why Bow-Tie belongs third

Bow-Tie works best when the scenario is already clear and the question is barrier integrity. It is strong because it shows how a hazard can move toward a top event, which barriers are preventive, which are mitigative, and who owns each one.

It is weaker when the team expects it to define the whole risk strategy, because a picture cannot replace criteria or governance. In field terms, Bow-Tie is valuable only when it can answer a question the operation cares about, which is why the article on Bow-Tie vs FMEA vs critical control verification goes deeper into the point that barrier logic must be tied to field proof.

When a shutdown team, for example, needs to know whether a barrier failed before restart, the diagram helps. When the company does not know what an unacceptable gap looks like, the diagram only frames the gap more neatly.

The traps that make the method look right but change nothing

The main trap is that teams buy a tool before they build decision discipline. They want a vendor demo, a workshop, or a format that looks mature, although the organization has not yet defined who owns the risk, what evidence counts, or how fast a weak signal must reach the people with power.

A second trap is to use a diagram as if it were a management system. A Bow-Tie can show barriers, but it cannot force a manager to fund a redesign, refuse a deferred maintenance request, or shut down a repeating hazard, and that is where compliance theater starts. As The Illusion of Compliance reminds leaders, paper rarely absorbs energy.

A third trap is to let the method live far from the work. When the people who draw the map never verify the barrier in the field, the whole exercise becomes a meeting artifact, and Andreza Araujo has seen that pattern often enough to treat it as an early warning rather than a harmless admin problem.

Which audience should start where

If the audience is the board or the executive team, start with ISO 31000, because the first job is to set risk rules and ownership. If the audience is the technical team, move to IEC 31010 next, because the second job is to choose the right method. If the audience is operations or maintenance, bring Bow-Tie in only when the team must check barrier ownership and restart proof in the field.

The practical shorthand is simple. Start where the question lives, because the board needs rule-setting, the specialist needs method choice, and the field needs barrier clarity. That is also why the article on risk management decisions that turn control into theater pairs well with this one, since both pieces ask leaders to define the decision before they decorate it.

| Audience | Start with | Then use | Why |
| --- | --- | --- | --- |
| Board and C-level | ISO 31000 | IEC 31010 | They need criteria and ownership before technique |
| EHS or risk lead | ISO 31000 | IEC 31010 | They need a method that fits the question |
| Operations or maintenance | Bow-Tie | ISO 31000 | They need barrier ownership and restart proof |
| Project or change team | ISO 31000 | IEC 31010 | They need decision rules before the change |

A 30-day sequence for the next executive review

  1. Week 1, define three risk decisions that matter this quarter and write the criteria for each one.
  2. Week 2, choose one technique from IEC 31010 for each decision and record why the others were weaker.
  3. Week 3, use Bow-Tie on one high-consequence scenario and test whether each barrier has a real owner.
  4. Week 4, verify one barrier in the field and close the loop with the executive owner.

This sequence is simple because it keeps the work in order, although it is not easy when production pressure is loud. If the team needs an operational next step, the article on how to build a risk escalation trigger pairs well with week 4, because a weak signal needs a path before it needs a nicer slide.

The same sequence also helps when the risk register has gone stale, since the executive review then has to reconnect criteria, methods, and owners instead of treating the register as a storage file. For that reason, the article on risk register explained is a useful companion if the team wants to tighten the record before the next meeting.

FAQ

What is the difference between ISO 31000 and IEC 31010? ISO 31000 sets the principles, criteria, and review rhythm, while IEC 31010 helps the team choose the technique that fits the question.

Does Bow-Tie replace risk assessment? No. Bow-Tie helps with one part of the work, because it shows barriers and escalation, but it does not set the rules that make the work acceptable or unacceptable.

Which one should an executive ask for first? ISO 31000 should come first, since executives need decision rules and ownership before they ask for a deeper method.

When should the team use Bow-Tie? Use Bow-Tie when the scenario is clear and the question is whether the barriers are strong enough to hold under pressure.

What if the risk register is stale? Start with criteria and ownership, then refresh one high-consequence scenario with the right method and a field check, because a live register needs decisions, not only entries.

The best question is not which tool is best, but which decision the organization needs to make now. Andreza Araujo's work helps leadership teams sequence the question so the method serves the decision, not the other way around.

About the author

Andreza Araújo

Safety Culture Expert | Senior EHS Executive

Andreza Araújo is a safety culture expert and senior EHS executive with more than 25 years of experience in environment, health and safety. She is a Civil Engineer and Occupational Safety Engineer from Unicamp, holds a Master's degree in Environmental Diplomacy from the University of Geneva, and completed sustainability studies at IMD Switzerland. Andreza has served in Global Head of EHS roles in Fortune 500 environments, leading cultural transformation programs across multinational operations. She has represented Brazil as a speaker at the United Nations in Paris and has spoken at the International Labour Organization in Turin. She is the author of more than 16 books on safety culture in Portuguese, Spanish, English and German. Her work has earned more than 10 EHS awards, including two recognitions from Indra Nooyi, former PepsiCo CEO.

  • Civil & Safety Engineer (Unicamp)
  • M.A. Environmental Diplomacy (University of Geneva)
  • Sustainability Cert (IMD Switzerland)
  • People Management & Coaching (Ohio University)
  • UN Paris speaker representative for Brazil
  • ILO Turin speaker
  • LinkedIn Top Voice
  • Indra Nooyi PepsiCo CEO recognition (2x)
