Enterprise Risk Management

Home Enterprise Risk Management

Enterprise risk management includes the methods and processes used by organisations to manage risks and seize opportunities in the pursuit of their objectives.


In order to execute on strategic objectives and deliver on shareholder expectations, it is imperative to implement an effective Governance, Risk and Compliance (GRC) programme. This GRC programme needs to be customised to the organisation’s industry, maturity, risk appetite and business landscape. The purpose of GRC practices is not to eliminate risk but rather to provide the necessary information to manage risk, whilst still actively pursuing new opportunities.

92% of businesses agreed that information about risk is important or critical to long-term success

Better decision-making

Promotes pro-active behaviour

Increases enterprise value

Provides assurance

Decreases losses and incidents

Builds stakeholder confidence

Enhances risk focused culture

Reduces business liability

  • Gap analysis and roadmap development
  • Risk maturity assessments
  • Development of enterprise risk management programmes and required policies and frameworks
  • Facilitation of risk assessment workshops: strategic, operational or project risk
  • Risk management training – customised training for various levels in the organisation
  • Development of reporting dashboards
  • Development of compliance risk management plans
  • Process risk and control analysis
  • Risk appetite and tolerance framework development and setting
  • Risk Management system implementation


  • Development of an ethics management framework
  • Understand the governance structures including roles and responsibilities for ethics
  • Conduct an ethics risk assessment
  • Development of ethics strategies
  • Development of the ethics policies and procedures
  • Development of ethics reporting
  • Assisting with the setup of an ethics office
  • Development of an ethics management culture
  • Development of an ethics management training and awareness programme


  • King IV Application Assessment
  • Regulatory Compliance
  • Integrated Reporting


  • Outsource and Co-source Internal Audit
  • Internal Audit Transformation
  • Internal Control Reviews
  • Financial Discipline Reviews
  • Regulatory Compliance Reviews
  • Information Technology Reviews
  • Data Analytics and continuous auditing
  • Forensic Investigation and Forensic Auditing
  • Fraud and corruption risk assessments
  • Data Analytics via our IT forensics capacity


  • Security risk assessments
  • Cyber risk management
  • Tax risk assessments

Our methodology and approach to risk management is aligned with key international and best practice standards. However, we believe in customised frameworks to ensure effectiveness and buy-in. There is no ‘one-size-fits-all solution’ when it comes to the management of risk; this will be considered in the development of the recommended solution(s).