A key goal for the design of any organisational framework should be to integrate it into business-as-usual. So that it is simply “how things are done around here”. Especially for a risk framework.
Risk management, not risk taking, still suffers from an abundance of misperception of it being a compliance activity. Something that has to be done as an extra and not really related to “real work”.
Last week I gave a tip on how to make your risk framework easily digestible by a leader so they take the t



