The Enterprise Risk Management Framework outlines the organisation’s overall approach to risk management, including the structures and practices employed to manage the current and emerging risks to the organisation’s plans and activities.
All organisations need to understand the dynamic and competitive world in which they operate, they need to be certain of their integrity of their internal processes and how they change to meet the demands of the outside world.
Implementing an Enterprise Risk Management Framework provides a formal, controlled method in which to do this.
It explains and clarifies the need to identify, manage, monitor and control and report on current and emerging risks in a constant timely and understandable manner to ensure that the organisation is able to maintain and enhance its ability to prosper.
This framework explains the types of risks faced by every organisation, sets out a method for understanding the organisations risk appetite, provides a risk management process, explains and organises the three lines of defence concept, and provides a model for Board governance.