Protecting your practice—an introduction to law firm risk management
Produced in partnership with Pam Grover-Mitchell
Protecting your practice—an introduction to law firm risk management

The following Practice Compliance guidance note Produced in partnership with Pam Grover-Mitchell provides comprehensive and up to date legal information covering:

  • Protecting your practice—an introduction to law firm risk management
  • What is risk?
  • Where to start
  • Who sets risk management strategy?
  • Considering risk
  • List and prioritise risks
  • Accountability
  • Troubleshooting
  • Maintenance and review
  • Risk management—a cultural, movable feast

Risk management is a cornerstone of a firm's governance, culture and business strategy. It requires the application of principle to specific circumstances. The challenge for law firms is that they must define their own principles.

Most lawyers easily detect potential weaknesses in day-to-day practice, but strategic management of risks to the entire practice comes less naturally.

This Practice Note sets out practical steps and considerations for law firms in managing their risks.

What is risk?

There is a widely accepted definition of risk, ie:

Risk = probability x impact

So, for any given risk faced by your business, there are two questions:

  1. how likely is it that the risk will materialise, ie what’s the probability?

  2. if the risk does materialise, how bad will it be, ie what’s the impact?

Where to start

Sound risk management starts with identifying the risks that your firm faces in the first instance. It may help to think of these as falling into some common categories:

Category of risk Explanation Example
Strategic risk Risks that could materially affect your firm's survival or profitability Reputational damage
Moving into or out of specific areas of practice
Inadvertent involvement