ABSTRACT
Understanding the risk management process is essential for all risk/compliance/assurance professionals, as well as for those overseeing the process in senior leadership roles. Effective risk management relies on gathering relevant information and feedback, hence the need for consultation with both internal and external stakeholders and relevant experts. Communication is needed to promote awareness and understanding of risk. It helps ensure that members of the organisation are clear about their role in risk management. An understanding of organisational context provides an understanding of how much risk the organisation is willing to take, on key risk criteria, in order to achieve its objectives. Risk assessment includes three sub-processes: identification, analysis and evaluation. The risk treatment stage includes selecting, planning and implementing treatments. A fundamental principle of reporting risk is that reports should focus on the organisation’s chosen risk criteria. Successful risk management requires ongoing monitoring and review.
