The Encyclopedia.
32+ risk frameworks indexed with complexity, certification status and time-to-implement — searchable, filterable, comparable.
International standard providing principles and generic guidelines on risk management applicable to any organisation regardless of size, activity or sector.
Globally recognized framework for enterprise risk management, internal control and fraud deterrence.
Structured process to integrate security, privacy and cyber supply-chain risk management activities into the system development life cycle.
Specification for an information security management system (ISMS) — covering people, processes and technology.
Global regulatory framework on bank capital adequacy, stress testing and market liquidity risk, finalized by BCBS.
MAS Technology Risk Management Guidelines for financial institutions in Singapore. Covers IT governance, third-party risk, cyber resilience and cloud.
Mandatory minimum cyber hygiene measures for banks and FIs in Singapore — admin accounts, security patches, malware, multi-factor authentication.
Singapore's baseline data protection law governing collection, use and disclosure of personal data, with mandatory breach notification (since 2021).
EU directive that codifies and harmonises insurance regulation, focusing on capital adequacy and risk-based supervision.
ISACA framework for the governance and management of enterprise IT, with focus on stakeholder value.
European risk management standard providing a common terminology and process for risk management.
Standard for project management with detailed risk management knowledge area (PMI).
Process-based method for effective project management, widely used in UK government and globally.
AXELOS framework for the management of risk across strategy, programme, project and operational levels.
Framework for applying lean and agile practices at enterprise scale.
Set of techniques and tools for process improvement, reducing defects to 3.4 per million opportunities.
Method that combines lean manufacturing/lean enterprise with Six Sigma to eliminate waste and reduce variation.
Step-by-step approach for identifying all possible failures in a design, manufacturing process, product or service.
International standard for quality management systems with risk-based thinking.
Visual risk assessment tool combining fault tree and event tree analyses on a single diagram.
Computational technique for understanding the impact of risk and uncertainty using random sampling.
Top-down, deductive failure analysis using Boolean logic to combine lower-level events.
Structured and systematic examination of a complex process to identify hazards and operability problems.
Method of problem solving used for identifying the root causes of faults or problems.
Strategic risk scanning frameworks for environmental analysis and internal capability mapping.
Best practices for delivering IT services aligned to business needs, with risk and continuity practices.
EU directive on measures for a high common level of cybersecurity across the Union, replacing the NIS Directive.
EU regulation creating a binding ICT risk management framework for the financial services sector.
Auditing procedure ensuring service providers securely manage data to protect the interests of the organisation and its clients.
Specifies requirements to plan, establish, implement and maintain a business continuity management system.
Framework for disclosing the financial impacts of climate-related risks and opportunities — now folded into ISSB IFRS S2.
Specifies requirements and provides guidelines for establishing, developing and implementing a compliance management system.