Organisational risk refers to the risk of failing to achieve your business objectives due to inadequate or failed internal processes, people and systems, or from external events. Risks can include fraud, security, privacy protection, legal risks, physical (e.g. infrastructure shutdown) or environmental risks.
Our experienced team can assist you through the whole of life cycle of risk management from development of a risk management framework through to preparing specific strategic risk registers to finally reviewing existing processes.
Risk Management Framework
Our team will work with you to develop an enterprise wide risk management framework. This will assist in identifying risks that may prevent you achieving business objectives as well as identifying the internal processes, people and systems managing the risks and opportunities for improvement.
We can assist your organisation by developing a risk management framework that includes a risk management policy and risk management framework document. These documents will form the basis of your approach to managing risks within the organisation and include:
- The overall objective of the risk management process
- A statement attesting Governance’s commitment to risk management and its application to management and staff
- Details of responsibilities for risk management across the organisation
- A definition of risk in the context of your organisation
- Additional detail to support the risk management policy
- Roles and responsibilities for risk including the Audit and Risk Committee and Risk management team
- Risk management processes
Risk assessment content to inform the development of future risk registers and provide Governance with direction when assessing and treating
risks within the organisation including
- Risk criteria
- Risk identification
- Risk analysis matrix
- Risk evaluation
- Risk appetite
- Risk treatment
- Monitoring and review
Audit and Risk Committee
Are you in the process of implementing an audit and risk committee or wish to review the maturity of your committee?
We are able to review the composition, charter, meeting set up and responsibilities of your audit and risk committee. We provide tailored recommendations to maximise the contribution your audit and risk committee is making to improve processes and mitigate risk.
Governance Risk Workshops
Underpinning the success of any risk management framework is the shared understanding by Governance or what organisational and strategic risk encompasses and the impact this has on decision making. We are able to run Governance risk workshops that calibrate Governance’s understanding of risk. Our risk workshops broadly include:
- Discussion around the existing or proposed risk management framework with the view of ensuring the Governance understand the risk management framework and can contribute to the enhancement of the Framework;
- Collaborative discussion and exercises to come to an agreed appetite for risk that will underpin the assessment and treatment of the identified risks;
- Identification of the key risks facing the organisation. Discussion is focused on the critical strategic and high level operational risks that governance considers has an impact on the organization achieving it’s long term objectives. These risks will form the initial stage of development of a strategic risk register.
Strategic Risk Register
Once you have established your risk management framework we are able to work with you to develop strategic risk registers. These registers broadly identify risks to the organisation, and the existing processes and controls in place. The value this provides management is the ability to assess whether these risks are adequately mitigated or require additional work to ensure they do not negatively impact upon the business and it’s operations in the future. The strategic risk register broadly includes the following content:
- Risk schedules
- Risk ranking (likelihood and impact)
- Identification of control strategies
- Effectiveness of controls
- Residual risk assessment
- Treatment strategies