Risk Management for Small Firms

Risk Management Framework

Objectives of a Risk Management Framework

A risk management framework is a set of components that provides the foundation for designing, implementing, monitoring and reviewing risk management within a firm. Although all firms manage risk to some degree, each firm may utilise different tools and techniques to support its risk identification, assessment, monitoring and control processes that are appropriate to the firm's size and internal, legal and regulatory requirements.

Documenting the framework

This guide will work through the risk management framework sequentially, describing the necessary steps required in each stage of the process. One of the key outputs of the process is a risk register that captures and consolidates risk identification, risk assessment and how these risks will be treated and managed. A sample risk register is available and will be used to illustrate an example that may be typical for sole practitioners and small firms.

Use the following links to step through the risk management process and access some useful tools and templates. You can also click each stage of the diagram above to work through the framework.

Risk management framework means the foundations (including policy, objectives, mandate and commitment to manage risk) and organisational arrangements (including plans, relationships, accountabilities, resources, processes and activities) for designing, implementing, monitoring, reviewing and continually improving risk management throughout the Firm."

APES 325

A Firm shall document its Risk Management Framework."

APES 325