1. Create and protect value: Good risk management contributes to the achievement of your objectives through continuous review of processes and systems.
2. Be an integral part of each organisational process: Risk management needs to be integrated with your governance framework and become a part of your planning processes, at both the operational and strategic level.
3. Be part of decision making: The process of risk management helps you make informed choices, identify priorities and select the most appropriate action.
4. Explicitly address uncertainty: By identifying potential problems with in-depth risk assessment, you can implement controls and treatments that maximise the chance of gain while minimising the chance of loss.
5. Be systematic, structured and timely: The process of risk management should be consistent across your business to ensure the efficiency, consistency, and reliability of results.
6. Be based on the best available information: To effectively manage risk, it's important to understand and consider all the available information relevant to activity and be aware that there may be limitations on that information. You then need to understand how all this information informs the risk management process.