Enterprise Risk Management

ERM frameworks (COSO, ISO 31000), risk appetite, risk registers, operational risk, and board-level risk governance.

No Reliance on Forum Content. The information, opinions, and discussions shared on this forum are contributed by community members and LexFlag Team and do not constitute professional advice. LexFlag does not endorse, verify, or guarantee the accuracy, completeness, or reliability of any content posted.

User Identity & AI-Generated Content. There is no guarantee that users are using their real names, represent any organization, or express their own personal views. Replies and contributions may be partially or fully generated by artificial intelligence.

Independent Verification Required. You must independently verify any information obtained from this forum before making any decisions. LexFlag, its affiliates, and contributors accept no liability for any loss or damage arising from reliance on forum content.

About Enterprise Risk Management Discussions

Discuss enterprise risk management strategies, risk matrices, key risk indicators, and the three lines of defense model. This category brings together risk professionals sharing practical advice on quantifying operational risk, building risk appetites, and communicating risk to senior leadership and board-level stakeholders.

Frequently Asked Questions

Discussions cover risk matrices, key risk indicators (KRIs), the three lines of defense model, operational risk quantification, risk appetite frameworks, and communicating risk to boards and senior leadership. Members share templates, scoring methodologies, and lessons learned from implementing ERM programmes.

A popular approach shared by community members is to use everyday analogies: inherent risk is the risk of driving without a seatbelt or airbags, while residual risk is the remaining risk after those controls are in place. In quantitative terms, inherent risk is Likelihood × Impact before controls, and residual risk factors in the effectiveness of mitigation measures.

Community members have mixed views. Many find value in the model for establishing clear accountability, but note it works best when adapted to your organisation rather than applied rigidly. Common challenges discussed include siloed communication between lines, unclear ownership of emerging risks, and the difficulty of maintaining independence in smaller organisations.
