Home‎ > ‎

Risk Management

RM - Implementation

Effective implementation of a Risk Management environment requires the dedicated commitment of leadership, and an understanding of the scope and objectives of the programme and environment. These will be defined in the Terms of Reference (ToR), and implemented through processes and procedures. Team and individual training and mentoring is required, along with regular reporting to a Risk Management Committee of the Board.

Risk Appetite & Tolerance

Risk Appetite, correctly defined, approached and implemented, is fundamental to organizational effectiveness and achievement of business objectives. GRMSi assists enterprises in the development of their Risk Appetite statements and associated Risk Tolerances. We also support the development of the Key Risk Indicators that provide the ability to confirm that the enterprise activity is managing risk within the appetite.

Not just a regulator requirement, Risk Appetite and Tolerance enables the Board and Owners to clearly define the level and type of risk that the business is willing to accept in the pursuit of objectives. The Risk Appetite provides guidance and the framework for managers and staff, setting out the limits to the level and types of risks that they are authorized to take.  While individual or detailed level risks are not addressed, the major risk categories and types of risks are, and the appetite to accept those risks is defined.

RM Maturity assessment

To ensure the effectiveness of the Risk Management environment, it is important that the maturity of Risk Management within the business is clearly known and understood from the outset, and can be measured at any given point in time thereafter, to avoid any misconceptions, or incorrect assumptions being made in relation to the overall credibility and reliability of the programme. GRMSi performs assessments of the maturity and effectiveness of Risk Management environments.

Business Continuity and Disaster Recovery

Rapidly returning to a pre-event status for a business is the primary objective of an effective Business Continuity, Disaster Recovery and Incident Management programme. This means planning, testing, and learning from tests and real events, and having a crisis management team trained and practiced, so then when the event (whatever that event may turn out to be) occurs, the team will respond rapidly and naturally, already having worked together through planning exercises.

Project Risk Assessment

It is generally accepted that the majority of projects fail to deliver against time, quality or cost. Common factors contribute to these project failures, not least being ineffective project governance and risk assessment that can result in issues not being seen, recorded or addressed in a timely manner. Project Risk Assessment is an ongoing process and a key element of any significant project, and is not a one-off event at the start of the project.
Solvency and ORSA Management

Regulators expect Risk Management to be at the heart of the Solvency Management process. Development and maintenance of the FLAOR (Forward Looking Assessment of Own Risk) and the ORSA (Own Risk and Solvency Assessment). GRMSi people have direct experience in the development and maintenance of the Solvency processes, and provide these services to clients where in-house resources are unable to provide support, or where such resources need support, mentoring or training.