The Institute of Risk Management (IRM) has led the debate on risk culture for nearly 30 years. Drawing upon the wealth of practical experience and expert knowledge across the Institute, IRM has developed guidance for organisations wanting a greater understanding of their own culture and the practical tools which can drive change.
As the business press shows daily, embedding reliable risk management into an organisation is a difficult task. Boards and Trustees must both consistently prioritise risk management and continually review their culture, people and processes.
What do we mean by a risk culture?
Risk culture is a term describing the values, beliefs, knowledge, attitudes and understanding about risk shared by a group of people with a common purpose. This applies to all organisations – including private companies, public bodies, governments and not-for-profits.
What does a good risk culture look like?
Effective risk culture is one that enables and rewards individuals and groups for taking the right risks in an informed manner.
IRM’s Risk Culture Framework
The IRM has developed a Risk Culture Framework to help influence the risk culture within any organisation. The diagram simplifies a complex and interrelated set of relationships into a high-level approach to the various influences on risk culture.
Risk culture remains a developing area and what we have produced will not be the last word on the subject. IRM expect the guidance to evolve as new models and tools emerge.
Source: Risk Culture