What is a framework anyway? More important, what is a risk management framework?

A framework for legal risk is a method to fold risk management into the organization, regardless of the source or cause of the risk. The scale of the organization might very widely. For example, we might talk about risk management for a very large multinational companies or small businesses. Even within a single company, legal risk management might be employed as a discipline within a specific department or business unit.

We will use the same framework for contract, regulatory, litigation, and structural risks. The details among these types of legal risk vary but a good framework will fit them all.

There are five major parts of our risk management framework:

  1. Leadership and commitment,
  2. Integration with the business strategy,
  3. Design of the framework,
  4. Implementation,
  5. Evaluation, and
  6. Improvement.