The guidance given in this document outlines how an organization can implement effective arrangements for managing risk, to ensure that it meets its corporate governance needs. A Plan-Do-Check-Act framework is used, which is consistent with the approach in management system standards such as BS EN ISO 9000.

This guidance is applicable to any organization that wishes to:

• establish arrangements at top management level to identify and mitigate strategic risks
• implement, maintain and continually improve its strategic management of risks in a manner which is consistent with its policy
  
• assure itself of conformance with its policy
  
• make a self-determination and self-declaration of its performance on an annual basis.