Risk management begins with understanding the risk appetite of the company. The board’s role is to set the risk appetite of the organisation and then to ensure it has a risk management framework to identify and manage risk on an ongoing basis.1
All organisations must take risks to create value. The question is how much risk and what kind of risk will the company decide to take? Risk appetite is the mutual understanding between management and the board regarding the drivers of, and parameters around, opportunity-seeking behaviour. A balanced approach to value creation means the organisation accepts those risks that are prudent to undertake and those it can reasonably expect to manage successfully or handle the consequences of the occurrence.