M_o_R was established in 2002 to document good practice in risk management, based on the principles of corporate governance, for UK Government bodies. However, it was also intended that the guidelines would be used by private sector organisations. It has recently been revised to incorporate the latest good practice and provide a consistent standard for UK Public Sector and a pragmatic guide for private sector organisations.

M_o_R is owned by the OGC, who are also responsible for MSP (Managing Successful Programmes), PRINCE2 (PRojects IN Controlled Environments) and ITIL (IT Infrastructure Library).

INTRODUCTION

A certain amount of risk-taking is inevitable if your organisation is to achieve its objectives. Effective management of risk helps you to improve performance by contributing to:

• Better service delivery
• Reduction in management time spent fire-fighting
• Increased likelihood of change initiatives being achieved
• More focus internally on doing the right things properly
• Better basis for stragegy setting
• Achievement of competitive advantage
• Fewer sudden shocks and unwelcome surprises
• More efficient use of resources
• Reduced waste and fraud, and better value for money
• Improved innovation
• Better management of contingent and maintenance activities.

SCOPE OF M_o_R

The framework of M_o_R is based on four concepts:

• M_o_R principles, essential for the development of good risk management practice.
• M_o_R approach to be adapted to suit each individual organisation.
• M_o_R processes to ensure that risks are identified, assessed and controlled.
• Embedding and reviewing M_o_R to ensure that the principles, approach and processes are applied across the organisation and that their application undergoes continual improvement.

M_o_R is now regulated so that service providers, user organisations and individuals can be accredited against standards in process and knowledge and regulated through examinations and audits.