Enterprise Risk Register® in Use

Managing risks with Enterprise Risk Register®

Risks are everywhere. They may happen to people, property, processes, business continuity, reputation or the environment. There is no success without taking risks. However, risks can be mitigated and managed. This is the job of risk management.

There are couple of regulations, standards and similar documents that require risk management because risk management is an integrated element of modern management. For example:

The Risk Management System

Successful risk management is based on a systematic approach: the risk management system. An approach that originally was developed in quality management serves well for designing a risk management system. It is the process approach of Plan - Do - Check - Act or short PDCA model.

The PDCA approach to risk management distinguishes four steps:

PLAN: The PLAN step is about establishing a risk management policy, objectives, targets, processes and procedures relevant to managing risks.
DO: The DO step is implementing and operating what was planned, i.e. risk management policy, controls, processes and procedures.
CHECK: Is the risk management system effective and efficient? The CHECK step is about auditing the risk management system performance against policy, objectives, and practical experience.
ACT: On any audit findings of the CHECK step the ACT step takes corrective and preventive actions in order to achieve continuous improvement of the risk management system.