Complimentary report from Enablon by Forrester Research, Inc.


As a risk professional, you are currently in a position to exert more influence on your organization and increase the value you and your team can offer. Many of you will feel pressure to develop slimmed-down versions of risk management to avoid high costs and burdens on the business; however, make sure not to take shortcuts when defining the parameters of your program, a step in the risk management process that the ISO 31000 standard refers to as “establishing the context.”

This report draws from this standard as well as industry best practices to explain this crucial step, which includes establishing the internal context, the external context, the risk management context, and the risk criteria; your attention to these details will likely mean the difference between a program that adds value by meeting expectations and one that fails to garner widespread support and ultimately collapses.

What you’ll learn from this report:

  • How the risk management role is earning more attention
  • How to define the objectives and success metrics of your GRC program
  • How to make even a streamlined program effective