11 - Manage Enterprise Risk, Compliance, Remediation, and Resiliency

Ensuring that an organization effectively manages its risk. Process groups are aligned with traditional risk management activities.

11.0Manage Enterprise Risk, Compliance, Remediation, and Resiliency
11.1 Manage enterprise risk  
11.1.1  Establish the enterprise risk framework and policies   Determine risk tolerance for organization   Develop and maintain enterprise risk policies and procedures   Identify and implement enterprise risk management tools   Coordinate the sharing of risk knowledge across the organization   Prepare and report enterprise risk to executive management and board
11.1.2  Oversee and coordinate enterprise risk management activities   Identify enterprise level risks   Assess risks to determine which to mitigate   Develop risk mitigation and management strategy and integrate with existing performance management processes   Verify business unit and functional risk mitigation plans are implemented   Ensure risks and risk mitigation actions are monitored   Report on enterprise risk activities   Coordinate business unit and functional risk management activities   Ensure that each business unit/function follows the enterprise risk management process   Ensure that each business unit/function follows the enterprise risk reporting process
11.1.3  Manage business unit and function risk   Identify risks   Assess risks using enterprise risk framework policies and procedures   Develop mitigation plans for risks    Assess adequacy of insurance coverage   Implement mitigation plans for risks   Monitor risks   Analyze risk activities and update plans   Report on risk activities
11.2 Manage compliance  
11.2.1  Establish compliance framework and policies   Develop enterprise compliance policies and procedures   Implement enterprise compliance activities   Manage internal audits   Maintain controls-related technologies and tools
11.2.2  Manage regulatory compliance   Develop regulatory compliance procedures   Identify applicable regulatory requirements   Monitor the regulatory environment for changing or emerging regulations   Assess current compliance position and identify weaknesses or shortfalls therein   Implement missing or stronger regulatory compliance controls and policies   Monitor and test regulatory compliance position and existing controls   Compile and communicate compliance scorecard(s)   Compile and communicate internal and regulatory compliance reports   Maintain relationships with regulators as appropriate
11.3 Manage remediation efforts  
11.3.1  Create remediation plans 
11.3.2  Contact and confer with experts 
11.3.3  Identify/dedicate resources 
11.3.4  Investigate legal aspects 
11.3.5  Investigate damage cause 
11.3.6  Amend or create policy 
11.4 Manage business resiliency  
11.4.1  Develop the business resilience strategy
11.4.2  Perform continuous business operations planning
11.4.3  Test continuous business operations
11.4.4  Maintain continuous business operations
11.4.5  Share knowledge of specific risks across other parts of the organization

Process and performance improvement, helps organizations adapt to rapidly changing environments, build new and better ways to work, and succeed in a competitive marketplace. With a focus on productivity, knowledge management, benchmarking, and quality improvement initiatives, organisations such as the APQC works with its member organizations to identify best practices; discover effective methods of improvement; broadly disseminate findings; and connect individuals with one another and the knowledge, training, and tools they need to succeed.
This APQC Process Classification Framework® (“PCF”) is an open standard developed by APQC, a nonprofit that promotes benchmarking and best practices worldwide. The PCF is intended to facilitate organizational improvement through process management and benchmarking, regardless of industry, size, or geography. To download the full PCF or industry-specific versions of the PCF, as well as associated measures and benchmarking, please visit www.apqc.org/pcf.

APQC logo


Sponsor information

APQC logo

Latest News