ERM Leadership and Governance

Five Categories for Focusing Risk Oversight

A whitepaper published by Protiviti explores five categories the board may want to consider in determining whether to adopt a risk language specific to the organization for risk oversight. The five categories are:

  1. Governance risks – Risks related to the board’s decisions concerning leadership and structure.
  2. Critical enterprise risks – The top risks that threaten the company’s strategy or the viability of its business model.
  3. Board-approved risks – Risks related to decisions the board must make in regard to strategic initiatives, such as acquisitions, divestitures, major investments, or new product lines.
  4. Business management risks – Risks associated with day-to-day business activities.
  5. Emerging risks – External risks outside of the categories (1) through (4).

The risk categories listed above can help the board ensure that the scope of its risk oversight is sufficiently complete.

Original Source Link: “Five Categories for Focusing Risk Oversight,” Protiviti, February 2011