The review follows a “high level” framework, developed to be used as a common basis for all other standards, improving compatibility and integration with other certification schemes. For each company, the risks are analyzed in order to plan a management system appropriate to the needs of each reality. The new approach involves identifying risks in business processes and the appropriate measures to be taken to manage them, in addition to identifying opportunities, that is, possible solutions and countermeasures to address them. The new version of the standard involves greater involvement of top management. A “bureaucratic” simplification of system documentation was made. There is a greater flexibility for companies, who are free to choose the depth and detail they intend to use for their written documentation, which can be made on a variety of factors such as complexity of processes, staff competence etc.