Resources
A selection of free resources we've made available to the wider risk management community.
Outputs of collaboration
A selection of resources produced during specific collaborations between risk leaders in our network.
Data aggregation
Insights from our AI-powered data aggregation tools.
Top 10 principal/material risks of 2023
Top 10 emerging risks of 2023
What risks are S&P 500 companies reporting compared to the FTSE 100?
These insights have been collated using the following member-only data aggregation tools:
Benchmark reports
Bespoke reports created to help a specific member organisation benchmark their approach against other relevant companies.
Assurance mapping: 5 risk leader approaches
How are risk leaders approaching assurance mapping?
Risk taxonomy and KRIs in the resources sector
How are resource sector experts assessing risk taxonomy and KRIs?
Pulse check results: approaches to TCFD disclosure
How are risk leaders approaching TCFD disclosure?
Emerging risk: risk leader approaches
How are risk leaders approaching emerging risk?
Leveraging risk data to help the business make better decisions
How are companies and risk leaders leveraging their risk data?
AI in risk management
How is AI being leveraged by risk leaders?
Risk management software
Which risk software systems are risk leaders using? And what are the advantages of each?
Internal risk reporting processes
How do other risk leaders ensure their internal risk reporting delivers maximum value for their business?
Executive engagement with risk
How have CROs/heads of risk successfully engaged their executive on risk?
Risk appetite implementation and optimisation
How are 120 large non-financial organisations setting risk appetite?
Applying an opportunity lens to risk
What are CROs doing to align risk with strategy and enable the business to make better decisions?
Top principal/material risks in the utilities, energy/oil and metals/mining sector
Validate your external risk reports against your sector peers.
Top emerging risks and blindspots in the technology sector
Which emerging risk themes are risk leaders at 17 digital and SaaS firms most concerned about? And what blind spots might the sector have?
Technology risk in focus
How are technology risk and compliance resources organised to protect and support the business?
Risk evaluation criteria in the oil and gas sector
How are oil and gas companies evaluating their risks and what are the common trends?
Emerging risks in the renewables sector
What are the top emerging risks facing renewable energy companies? This bespoke benchmark looks at the emerging risks prioritised by eleven large multinational renewable energy companies from Australasia, the UK and Europe.
Risk appetite categories
How do ASX-listed organisations link risk appetite to the categories of risk they have identified? This pulsecheck explores the approaches of four different ASX-listed organisations.
Optimising resources for the greatest impact
How do risk leaders leverage a limited number of risk resources through planning and prioritisation? This bespoke benchmarks gives you in-depth insight from eight large organisations with small centralised teams on how they organise their calendar of activities, how those activities are prioritised, and how they make their resources have the biggest impact.
Communicating the status of material risks: 9 approaches
How do you talk with your board and executive committee about material risks? This report highlights the terms and thresholds used by 9 large listed companies to discuss material risks.
Preparing for the future of risk: people and capability report
What are the changing skills and responsibilities of Risk, and how can risk leaders prepare their teams for the opportunities that arise?
Risk management policy
What standards and guidelines are risk leaders using to guide the development of their risk management policy and/or framework, and are there any other references beyond the usual standards (i.e. ISO 31000 and COSO) that are supporting them with this task?
Risk operating models in technology companies
Take a look at the reporting lines, team structures, operating models and risk priorities at 11 digital companies operating around the world, varying from small, fast-growing start-ups to some of the largest businesses on the NASDAQ index.
Emerging risks in the telecommunications sector
12 selected telecommunications companies were asked to identify their top emerging risks under each of the PESTLE theme. They then rated each of their chosen risks by timeframe to occur, velocity and their company's ability to respond. From these responses, a list of the top 10 emerging risks affecting businesses in the telecommunications sector was compiled.
Aligning risk and resilience to build maturity
This deep-dive analysis provides a closer look at how six organisations across multiple sectors, including national infrastructure, mining and software are bringing risk and resilience together to become more resilient to change.
Risk operating models at multinational manufacturers
Benchmark data from 11 selected multinational manufacturers with multiple global sites, giving a breakdown of risk operating model, the breakdown of Risk team components/resource and their priorities.
Risk operating models in the energy and utilities sectors
Interviews with a select group of 10 oil and gas, energy and utilities companies to offer insight into the risk team structure, capacity, resources, and risk reporting lines. The companies included operate in Australia, the Middle East and the United Kingdon and include listed enterprises, private companies and a mix of upstream and downstream providers.
Risk operating models in MENA
Insights into the risk reporting lines, team structure and overall operating model at 10 companies in the Middle East and North Africa (MENA) region, varying in size and sector including chemicals and materials, construction, retail and non-profit.
Feature-length guides
These longer articles collate insights shared over various network meetings and collaborations.
What is risk appetite and how do you implement it?
How to create standout risk reports that demonstrate the real value of Risk
Emerging risks: how are businesses managing their blind spots?
Network insights
Short thought leadership pieces based on our discussions with members and other risk leaders.
Implementing a GRC system: key steps and traps to avoid
An increasing number of companies are transitioning from using spreadsheets for ri…
TCFD reporting: four steps to success
Many organisations have now issued several years’ worth of disclosures. So is the …
Risk transformation: five starting questions
Risk transformation is a broad term, so what does it really entail? And, if you’ve…
Three steps to develop organisation-wide assurance
An effective assurance programme is not only predicated on the first-line business…
Five ways to partner with the business to develop KRIs
The number of key risk indicators (KRIs) companies employ will vary based on their…
How has risk appetite evolved in the past 3 years?
We believe risk appetite is maturing across the profession. Of course, organisatio…
How can risk appetite add value throughout the whole organisation?
The majority of risk practitioners believe that risk appetite is useful at all lev…
How to drive greater risk awareness by strengthening partnerships with Strategy
Many risk teams experience challenges when it comes to establishing their involvem…
Choosing a new risk software system - through collaboration
You know you need to implement new risk management software. Maybe you're just sta…
Five ways to boost executive engagement with risk
On paper, building engagement with executives would appear straightforward. Unlike…
Data risk: five mistakes your organisation could be making
In the fast-changing context of AI and other technological developments, it is bec…
How are risk leaders preparing their teams for the future?
Mature CROs are focusing on the future of the risk profession and how they can evo…
Collaboration in action: UK Corporate Governance Code Reform
Why are risk leaders choosing to collaborate with peers as a first response to the…
Risk Culture Maturity Framework: a bespoke solution to a member priority
What does good risk culture look like? How do you know that your risk culture prog…
Three big picture plans from CROs in 2024
Looking beyond business-as-usual tasks and to-do lists, what are risk leaders' big…
Top emerging risks in the technology sector
Technology companies are at the forefront of innovation, and ahead of the curve wi…
Communicating the status of material risks: three common approaches and three alternatives
How do you talk with your board and executive committee about material risk? For m…
Lean team, bigger impact: three ways to optimise risk resourcing and planning
Even at large multinational organisations, the group-level ERM function is often r…
Six "no-regret" actions companies are implementing to prepare for UK Corporate Governance reform
Due to the uncertainty and lack of clarity around UK Corporate Governance Code ref…
What are companies doing to develop an Audit and Assurance Policy?
As a result of upcoming changes to the UK Corporate Governance Code, companies wil…
Three ways your peers are developing their risk function in light of emerging risks
While risk leaders are already looking ahead three years, five years or even ten y…
Five ways to elevate Risk across your business
As risk leaders begin to shift their focus away from risk registers and other exam…
What risks are S&P 500 companies reporting compared to the FTSE 100?
Do listed businesses in the US have a different risk profile to other companies ar…
How are CROs preparing for changes to the UK Corporate Governance Code?
In response to the Financial Reporting Council's (FRC) position paper on how it wi…
Quantitative risk analysis: 5 applications for effective risk management
Leveraging quantitative risk analysis (QRA) methods to enhance the clarity of risk…
What are the risk priorities of technology companies?
How does a culture of innovation and doing things differently influence the risk p…
AI and risk management - 5 actions your peers are taking now
Public awareness of artificial intelligence has exploded in 2023, as technologies …
Double materiality: five assessment methods businesses are using
Risks relating to the three pillars of ESG - environment, social and governance - …
How to apply AI to risk management
Leveraging AI to revolutionise risk management is a goal among progressive CROs an…