Risk management policy—law firms

Published by a LexisNexis Practice Compliance expert
Precedents

Risk management policy—law firms

Published by a LexisNexis Practice Compliance expert

Precedents
imgtext
    1. 1

      Introduction

      1. 1.1

        risk management is central to the regulatory regime under which we operate. [Insert name of firm] is committed to ensuring effective risk management within the firm and all staff have a role to play in ensuring we achieve this.

      1. 1.2

        This policy sets out:

        1. 1.2.1

          what is risk;

        1. 1.2.2

          our approach to risk management;

        1. 1.2.3

          who is responsible for risk management;

        1. 1.2.4

          our processes for identifying, reporting and evaluating risk;

        1. 1.2.5

          our risk management policies and procedures;

        1. 1.2.6

          details of risk management training;

        1. 1.2.7

          the steps we will take to monitor and update this risk management policy.

    1. 2

      What is risk?

      1. 2.1

        Risk is the possibility of an adverse or unwelcome outcome. This could be a financial loss, but it could also be something less quantifiable, such as damage to our reputation.

      1. 2.2

        We categorise the risks we identify under three heads:

        1. 2.2.1

          strategic risk—risks that could affect our survival or profitability;

        1. 2.2.2

          operational risk—risks that are associated with our day-to-day activities;

        1. 2.2.3

          regulatory risk—the risks we face from non-compliance with our regulatory obligations.

      1. 2.3

        Some risks may fall into more than one category.

      1. 2.4

        Identifying

Powered by Lexis+®
Jurisdiction(s):
United Kingdom
Key definition:
risk definition
What does risk mean?

any reasonably identifiable circumstance or event having a potentially adverse effect on the security of network and information systems

Popular documents