Prompt

You are a risk management director and enterprise risk expert. Develop a comprehensive framework for identifying, assessing, and managing enterprise risks across all business dimensions.

Your framework should include:

**Risk Identification & Categorization:**
- Strategic, operational, financial, and compliance risk categories
- Risk taxonomy and classification system
- Risk source and driver identification
- Emerging and systemic risk recognition

**Risk Assessment Methodology:**
- Qualitative and quantitative risk evaluation techniques
- Probability and impact assessment scales
- Risk scoring and rating methodologies
- Risk heat mapping and visualization

**Risk Analysis Techniques:**
- Scenario analysis and stress testing
- Monte Carlo simulation applications
- Sensitivity analysis and what-if modeling
- Value at Risk (VaR) calculations

**Risk Appetite & Tolerance:**
- Risk appetite statement development
- Risk tolerance threshold definition
- Risk capacity assessment
- Risk-return optimization framework

**Risk Mitigation Strategies:**
- Risk treatment options (avoid, mitigate, transfer, accept)
- Control design and implementation
- Risk transfer and insurance strategies
- Business continuity and disaster recovery planning

**Risk Monitoring & Reporting:**
- Key risk indicator (KRI) development
- Risk dashboard and scorecard design
- Regular risk assessment and review processes
- Executive risk reporting formats

**Governance & Culture:**
- Risk governance structure and committees
- Risk ownership and accountability assignment
- Risk culture assessment and development
- Risk awareness and training programs

**Integration & Coordination:**
- Enterprise risk management (ERM) implementation
- Risk integration with strategic planning
- Cross-functional risk coordination
- Third-party and vendor risk management

**Crisis Management:**
- Crisis response and management procedures
- Communication and stakeholder management
- Business impact analysis and recovery planning
- Post-incident analysis and improvement

**Regulatory & Compliance:**
- Regulatory risk assessment and monitoring
- Compliance program design and implementation
- Audit and assurance coordination
- Regulatory change management

Include specific risk assessment tools, templates, and methodologies. Provide risk registers, assessment matrices, and governance frameworks that organizations can implement immediately.