ERR Strategy and Framework Development

National Rail Operator Case Study


A national rail operator was undergoing an exciting period of transition and development as a new parent company took over operations. With this change came a focus on the achievement of new strategic objectives for the extended enterprise – to deliver on the promise of transformation in rail travel across the country.

Our client was looking for a partner to support the development and embedding of Enterprise Risk & Resilience Management. This would enable the flow of risk information throughout the organisation, ensuring the right risk information reached the right people, at the right time, in a format that aides understanding.

Embedding effective Enterprise Risk & Resilience Management was especially critical due to current company structure – it was an alliance between two different entities, each with their own objectives, cultures and group risk reporting requirements.

How did we do it?

KRisk worked with our client over a period of six months on all aspects of Enterprise Risk & Resilience Management. Starting with a gap analysis of existing Risk & Resilience Management processes and procedures, compared against best practice as well as the organisations own objectives for Risk & Resilience Management, an action plan was created. KRisk worked with our client to implement all areas of this action plan, including:

• Role profile and recruitment of a Risk Manager
• Development of risk governance procedures
• Creation of department and organisation wide risk registers
• Development of an integrated risk framework on the internal Sharepoint site
• Group risk reporting structures and formats
• Delivery of bespoke in-house training

Delivery of bespoke in-house training was particularly important to ensure people had the knowledge and skills to embed proactive risk management into their own departments.


This 6 month projects benefited our client in a number of areas:

• Proactive engagement with group on Risk & Resilience Management
• Enhanced decision making across the joint venture
• Clear and consistent understanding of the corporate risk profile
• More effective mitigation of key risks
• Compliance with regulation
• Consistency of approach
• Company-wide understanding of risk
• Demonstration to external stakeholders that risks are effectively considered and managed

KRisk has remained a risk management adviser to the client, providing additional support when required.


Sustainability Director and Director of Finance

‘KRisk were extremely focused and efficient with the engagement and delivery of the project outputs and agreed methodologies. They helped ensure a common risk language was understood and helped put the foundations in place for a proactive culture to develop. Also, our external auditors were complimentary about the framework and procedures that were put in place by KRisk.’