Risk rewarded

Risk & Resilience management

KRisk specialise in the development, integration and embedding of enterprise risk management systems. Through improving organisational culture and empowering individuals to make a difference, your organisation can meet your objectives and stakeholder expectations.

Management systems should reflect the scale and complexity of your organisation. Acting as a clear reference point to which employees and stakeholders can refer, your system must be op en, flexible, unambiguous and constantly improving to allow your organisation to take calculated risks and protect the ‘downside’.

As risk management is being incorporated by the International Standards Organisation (ISO) into numerous standards, KRisk are best placed to support your organisation to ensure your systems focus on: Leadership, Planning, Support, Operation, Performance and Improvement.

At KRisk, we view this as a positive improvement and an opportunity for your organisation to move risk management into the heart of your system. KRisk are ideally placed to help your organisation through this transition over the next few years, making sure your systems work for you.

Risk & Resilience Services


A risk register is often the main reporting tool for risk across an organisation. KRisk facilitates the development of this, ensuring minimal disruption to normal operations, quality content and alignment to best practice.

• Need a risk manager urgently but there is a delay in hiring?
• Need to get risk management (or an element of it) established quickly?
• Require risk management actions to be driven forward with pace?Consider hiring one of the KRisk team as interim Risk Manager – you would be amazed at the results our clients have achieved through this.

This proven methodology helps organisations assess where they are now in risk management maturity, against where they want to get to. The output of this is a clearly defined action plan showing the steps that need to be taken to achieve desired results. This is a great basis for objective setting, resource planning

• Do you have a requirement to be aligned to a risk management standard (ISO31000)?
• Does a stakeholder require assurance on this?

KRisk works with organisations on a variety of standard alignment projects. The exact methodologies adopted depend on the needs and objectives of the client.

Workshops are an effective way to interact with people across an organisation to gather risk information. They allow people to share ideas and ask questions, inspiring them to actively engage with ERM. The aim of the workshop is to encourage participants to consider the objectives of the business, key activities and future plans to identify risks across all categories. KRisk adopt a number of techniques to help participants consider risk, including bow tie analysis.

A well thought through, defined Enterprise Risk Management strategy will drive results and ensure resources are used effectively. KRisk provides support in all elements of strategy development and implementation.

Risk based due diligence ensures thorough investigation and evaluation of business opportunity and threats. Pre-acquisition, this solution ensures required risk management processes are in place, operating as expected and any required future investment in risk management/ risk control is idenitfied.

The responsibility for legal compliance stays with the organisation, therefore the evaluation process you perform is significant to the effectiveness of your Enterprise Risk Management Systems. You should be able to determine whether your organisation has established the necessary procedures and evaluated your legal obligations in sufficient depth to demonstrate legal compliance. KRisk help make this evaluation effective within our client’s internal and external supply chain environment.

Software implementation can be a time consuming process, which distracts from day to day operations. KRisk project manage the implementation, acting as intermediary between client and software provider, ensuring costs stay to budget, timelines are adhered to and ultimately the result system meets the needs of the organisation.

Risk surveys are a fundamental tool in an organisation’s operational risk management. Assessing situations and increasing understanding, risk surveys drive change. KRisk works with our clients to design the surveys, implement them (in a variety of mediums), analyse the results and ultimately develop an action plan. KRisk always ensures engagement is inclusive and positive, recognising people are our clients buggest assets.

Risk is the thread that runs through all management system standards to ensure they are consistent and flexible. A integrated framework is a set of components that provide the foundations and organisational arrangements for designing, implementing, monitoring, reviewing and continually improving risk management throughout the organisation. We hold your hand through the development to minimise conflicts, duplication, confusion and misunderstanding of the subtly different requirements across the various ISO Standards.

An organisation achieves its purpose by delivering its products and services to its customers. It is important therefore to create an understanding of:

• The adverse impact over time that disruption of these products and services (and the associated activities) would have on the objectives and operation of the organisation.
• The inter-relationships and resource requirements of the activities that support products and services and the threats to them.

KRisk adopts business impact analysis methodology to understand our clients critical processes and develop resilience plans, so they can withstand the worst.

Anticipating and preparing for future challenges, trends, threats and opportunities is an essential
part of any organisation’s strategy. Alongside KRisk, the more responsible and lateral-thinking boardroom teams have recognised the value in a proactive horizon scanning policy and approach. This serves the dual purpose of anticipating both risks and opportunities and exploiting them to the full.

• What if the electricity supply failed?
• What if your IT networks went down?
• What if your telephones went down?For a day? For a week?
• What if key documents were lost in a fire?
• What if your staff could not gain access to a building for days, weeks or months?
• What if we had casualties?

Planning and exercising key controls is essential. KRisk works to plan and run interesting and engaging exercises from desktop walkthroughs to simulation exercises.