Risk management

Our framework and policy for identifying, weighing and addressing risks

Risk is an uncertain event or set of events which, should it occur, will have an effect on the achievement of objectives. In simple terms, risk is regarded as 'uncertainty'. A risk is measured by a combination of the probability of a perceived threat or opportunity occurring and the magnitude of its impact on objectives. As external and internal events occur, context and knowledge change, monitoring and reviewing of risks along with their causes and impacts takes place, new risks emerge, some change and others disappear. 

Our Risk Management Framework describes the process and method by which we identify, weigh and address risks.

  1. Introduction
  2. Risk Management
  3. Assurance
  4. Framework
  5. Mandate and Commitment
  6. Risk Management Rationale
  7. Risk Treatment
  8. Recording & Transparency
  9. Monitoring & Reporting
  10. Accountability
  11. Risk Appetite
  • Appendix 1. Strategic/Operational Risk Matrix 
  • Appendix 2. Risk Appetite Levels and Descriptions
  • Appendix 3. Collection Custodianship Risk Appetite - Physical Items 
  • Appendix 4. Collection Custodianship Risk Appetite - Digital and Digitised Collection Items