Risk Culture

An organization’s risk culture is the sum of the organization’s risk experiences both past and present, its business philosophy, and its values. It reflects the organization’s written and unwritten rules related to risk, its formal code of conduct with respect to risk, and the actual code of conduct exhibited daily regarding decisions of risk. ERM integrates an organization’s risk strategies across departments, business units and processes.

Comments are closed.