Risk management policy

The following Risk & Compliance precedent provides comprehensive and up to date legal information covering:

  • Risk management policy

Risk management policy

    1. 1

      Introduction

      1. 1.1

        Risk management is central to the regulatory regime under which we operate and [Insert organisation’s name] is committed to ensuring effective risk management within the business—all staff have a role to play in ensuring we achieve this.

      1. 1.2

        This policy sets out:

        1. 1.2.1

          what risk is;

        1. 1.2.2

          our approach to risk management;

        1. 1.2.3

          who is responsible for risk management;

        1. 1.2.4

          our processes for identifying, reporting and evaluating risk;

        1. 1.2.5

          our risk management policies and procedures;

        1. 1.2.6

          details of risk management training;

        1. 1.2.7

          the steps we will take to monitor and update this Risk management policy.

      1. 1.3

        It also contains our:

        1. 1.3.1

          [Risk matrix—see section 5;]

        1. 1.3.2

          Internal risk report form—see section 6.

    1. 2

      What is risk?

      1. 2.1

        Risk is the possibility of an adverse or unwelcome outcome. This could be a financial loss, but it could also be something less quantifiable, such as damage to our reputation.

      1. 2.2

        We categorise the risks we identify under three heads:

        1. 2.2.1

          strategic risk—risks that could affect our survival or profitability;

        1. 2.2.2

          operational risk—risks that are associated with our day-to-day activities;

        1. 2.2.3

          regulatory risk—the risks we face from non-compliance with our regulatory obligations.

      1. 2.3

        Some risks may fall into more than one category.

      1. 2.4

        Identifying risks is more important than meticulously categorising them. The [insert, eg risk manager] is responsible for categorising risks where possible. See sections 4 and 5 below.

    1. 3

      Our approach to risk management

      1. 3.1

        We recognise there are risks inherent in

Popular documents