Planning, designing and implementing an overall risk management process for the organisation;
Risk assessment, which involves analyzing & identifying risk, describing and estimating the risks affecting the business;
Establishing and quantifying the organisation's 'risk appetite', i.e. the level of risk they are prepared to accept;
Risk reporting in an appropriate way for different audiences, for example, to the board of directors so
Corporate governance involving external risk reporting to stakeholders;
Carrying out processes such as purchasing insurance, implementing health and safety measures and making business continuity plans to limit risks and prepare for if things go wrong;
Conducting audits of policy and compliance to standards, including liaison with internal and external auditors;
Providing support, education and training to staff to build risk awareness within the organisation.