Legal risk management
Legal risk management

The following In-house Advisor practice note provides comprehensive and up to date legal information covering:

  • Legal risk management
  • Identifying legal risk
  • Dealing with changes in circumstance
  • Classifying the level of risk
  • Risk rating
  • Playbooks and impact assessments

This Practice Note aims to help in-house lawyers identify and measure legal risks faced by their organisation.

Identifying legal risk

To be effective, legal risk management must be based on a thorough understanding of the business' risks.

All businesses need to deal with a variety of risks. These might include:

  1. business strategy risks, eg:

    1. core values

    2. business ethos

    3. public reputation

  2. commercial risks, eg:

    1. contractual obligations

    2. intellectual property

    3. business structure (including tax)

  3. compliance risks, eg:

    1. anti-bribery and corruption

    2. information governance

    3. health and safety

Some industries have specific regulatory risks that also need to be considered eg rules or requirements set by:

  1. Competition and Markets Authority (CMA)

  2. Financial Conduct Authority (FCA)

  3. pharmaceutical regulators

  4. healthcare regulators

  5. consumer regulators

For further guidance on business risk management, see Practice Note: Identifying and evaluating risk across the business (subject to subscription).

A better understanding of the legal risks faced by the organisation can be gained by undertaking a legal risk audit. A legal risk audit seeks to investigate and capture the legal risks faced by an organisation and to allow the opportunity to devise and implement a means to reduce or eliminate those risks. See Precedent: Risk audit (subject to subscription).

Dealing with changes in circumstance

It is vital that you are in a position to deal with any changes to the legal environment your business works in. In ord

Popular documents