This sample document defines the goals and activities of the Corporate Risk Management Committee, its competencies and the duties of its members.

Most of the risk managers we have interviewed agreed that having a management level Risk Management Committee has a significant positive effect on the overall risk management culture.

While the composition of the Risk Management Committee can vary from company to company, it should be sufficiently representative to ensure different points of view on risk are considered. Based on our interviews, the best results tend to be achieved when the risk committee brings together supporting functions (finance, risk, legal, security, internal audit) and business units (operations, sales, marketing).

The Committee can either deal with matters related to risk management methodologies and risk management integration into various business processes or it may participate in the decision-making process (investments, projects and other high-risk activities) or both.

The Committee may meet on a regular basis (monthly or quarterly) as well as upon request from the Chairman of the Committee if there are questions that require urgent risk analysis.