Risk Management Policy



This Risk Management Policy describes the enterprise risk management policy of an organisation. It defines the scope, responsibilities and structure of the risk management system within the organisation as well as the compliance responsibilities of every individual within the organisation.

This Risk Management Policy is suitable for organisations of all sizes and complies with the guidelines of the International Standard for Risk Management.


Preview pages 1-3 | Download in Microsoft Word

No of pages



The Performance Management Company


Categories: ,


The purpose of developing a Risk Management Policy is to establish a risk management process which will enable an organisation to manage risks by anticipating, understanding and deciding whether to modify enterprise or organisational risks, and to monitor and review risks and controls implemented to modify such risks.

This Risk Management Policy was developed following the guidelines of the International Standard for Risk Management and should be read in conjunction with the following documents:

  1. Risk Management Organisational Structure
  2. Risk Management Framework
  3. Risk Management Procedures
  4. Risk Assessment Instructions Manual

Last updated

See Product Updates for information on latest updates to this document

Integrated framework

This document forms part of the set of documents used for building an integrated governance, risk management and compliance framework for an organisation. We recommend that you read our Guide to Governance Risk Management and Compliance before using this document.

Complete kit

Get our Risk Management System Complete Kit for all your risk management system documentation.

Related documents

  1. Code of Conduct
  2. Corporate Governance Framework
  3. Risk Management Organisational Structure
  4. Risk Management Framework
  5. Risk Management Procedures
  6. Risk Assessment Instructions Manual
  7. Breach Reporting Policy
  8. Breach Reporting Procedures
  9. Whistleblower Protection Policy
  10. Whistleblower Protection Procedures


  1. Preliminary information. 1
  2. Access. 1
  3. No of pages. 1
  4. Author 1
  5. Last updated. 1
  6. Integrated framework. 1
  7. Complete kit. 1
  8. Related documents. 1
  9. Revision table. 2
  10. Document location. 3
  11. Purpose. 3
  12. Scope. 3
  13. Policy statement 3
  14. Enterprise risk. 3
  15. Management responsibility. 3
    • Board of directors. 4
  16. Organisation responsibilities. 4
    • [Risk Officer etc] 4
    • [Human Resources Manager] 5
    • Senior management 5
    • Risk ownership. 6
    • Employees. 6
  17. Risk management requirements. 6
    • Risk awareness and management 6
    • Management assurance. 7
    • Non-compliance with obligations. 7
    • Breach reporting. 7
    • Periodic review.. 7


There are no reviews yet.

Be the first to review “Risk Management Policy”

Your email address will not be published. Required fields are marked *