You are here: Home / SFIA 6 / Skills / Strategy and architecture / Business strategy and planning / Business risk management

Business risk management BURM

The planning and implementation of organisation-wide processes and procedures for the management of risk to the success or integrity of the business, especially those arising from the use of information technology, reduction or non-availability of energy supply or inappropriate disposal of materials, hardware or data.

Business risk management: Level 7

Establishes strategy for addressing risks arising from business operations and change. Provides resources to implement the strategy, and delegates authority for detailed planning and execution of risk management activities.

Business risk management: Level 6

Plans and manages the implementation of organisation-wide processes and procedures, tools and techniques for the identification, assessment, and management of risk inherent in the operation of business processes and of potential risks arising from planned change.

Business risk management: Level 5

Carries out risk assessment within a defined functional or technical area of business. Uses consistent processes for identifying potential risk events, quantifying and documenting the probability of occurrence and the impact on the business. Refers to domain experts for guidance on specialised areas of risk, such as architecture and environment. Co-ordinates the development of countermeasures and contingency plans.

Business risk management: Level 4

Investigates and reports on hazards and potential risk events within a specific function or business area.