Business risk management (BURM)
The planning and implementation of organisation-wide processes and procedures for the management of operational risk.
Level 5 Carries out risk assessment within a defined functional or technical area of business. Uses consistent processes for identifying potential risk events, quantifying and documenting the probability of occurrence and impact on the business. Refers to domain experts for guidance on specialised areas of risk, such as architecture and environment. Coordinates the development of countermeasures and contingency plans.
Level 6 Plans and manages the implementation of organisation-wide processes and procedures, tools and techniques for the identification, assessment and management of risk inherent in the operation of business processes and of potential risks arising from planned IT-enabled change.