Risk Governance

Identify, evaluate and manage risks by developing and implementing risk management strategies, frameworks, policies, procedures and practices



Competency Area

Risk Management, Governance and Regulatory Compliance


Analyse and implement risk management procedures

Assist with risk planning in consultation with relevant stakeholders

Support risk assessment at operational level

Implement risk controls according to defined risk management policies and plans

Identify and assess possible risk response activities for consideration in the risk management process

Conduct risk response activities in accordance with risk management plans

Apply change management techniques to facilitate implementation of risk controls, risk management and risk response activities

Document and track risk management outcomes according to information format requirements and present documentation to relevant stakeholders for review

Identify and analyse risk events, evaluate and implement risk response activities

Establish risk context to define scope of risk management process in the business unit

Identify and analyse risk events and threats in the business unit through risk assessments

Identify necessary risk controls and risk response activities to support risk management strategies

Implement risk control strategies

Monitor risk control indicators and conduct periodic testing for quality assurance

Implement procedures to inform employees of risk management process and activities

Distinguish roles and responsibilities for risk management among legal, compliance, risk management units and those expected of front office units

Drive organisation’s risk management framework, policy and process

Review risk points and set target risk for the organisation in consultation with relevant stakeholders

Drive risk assessment activities to identify risk events and analyse risks in the organisation as part of the risk management process

Design risk management strategies, framework and key risk management processes in consultation with relevant stakeholders

Direct development of risk control and risk response activities aligned to overall risk management strategies

Evaluate appropriateness of various risk controls and risk response activities from enterprise perspectives

Communicate risk management framework, best practices and processes to employees

Communicate impact of enterprise risk management practices on organisation