A properly structured Risk Management process aligned with ISO 31000 is a vital support to strategic and business planning. If well implemented it provides greater assurance that objectives will be achieved and that damaging events will not or are less likely to happen. P&A’s approach to helping our clients achieve a best practice Risk Management process depends on how far along the journey they have progressed. For those with no Risk Management process we provide guidance in developing an appropriate framework along with constituent elements including:

  • Risk Appetite Statements
  • Risk Identification and Assessment
  • Risk Control Measures
  • Risk Audits
  • Performance and Control Indicators
  • Incident Reporting and Management
  • Risk Management Software

For those whose Risk Management process is failing (either due to its being over burdensome or its failure to identify and control risks appropriately), we work closely with all involved to determine the root causes of the failure and to develop a change management process to address the gaps between current and ideal states. Typical systematic problems can include:

  • Risk definition is too general
  • Risk definition is too detailed
  • Inadequate risk control
  • Viewed as bureaucratic, paper-based task
  • Process lacks improvement cycle.


Privacy Policy | Terms of Use | Site Map © Pigott & Associates, LLC