Risk management is still approached from the point of view of it being one aspect of internal control, which itself is one aspect of corporate governance
The need to “define a framework” within which risk management is to beundertaken is still a key message within the revised guide
Much of the guidance still revolves around the application of a risk management process which enables organizations to identify, assess and control risk.
The need to embed and review risk management is still seen as a key element of implementing an effective approach to risk management
The guide still provides guidance about how risk management needs to be tailored to meet the needs of different organizational perspectives, i.e. strategic, programme, project and operational
There is still guidance on the use and application of a wide range of risk management techniques.The M_o_R framework, based on the four core concepts of principles, approach, process and embed and review has also been retained.