How Can We Use Context to Inform Risk Management?
Updated: Feb 10, 2020
External and internal context combine to make up the environment in which the organization seeks to achieve its objectives.
PESTLE is a useful mnemonic to consider external context:
Political influences such as legislation, trade tariffs, policy changes.
Economic factors, both global and local.
Social influences, expectations, trends, and demographics.
Technological changes and implications.
Legal environment and requirements for compliance, etc.
Environmental factors such as pollution, climate change, stakeholder expectations, etc.
MORTAR is another useful mnemonic to help establish internal context:
Management systems: policies, procedures, processes,
Organization: culture, objectives, vision, ethics
Resources: capabilities, cashflow, people, property, information, intellectual property
Technologies: robotics, information, communication,
Accountability: structure, ownership, governance
Relationships: stakeholders, interconnections, dependencies
When analyzing internal context, SWOT analysis can also be helpful:
Strengths of the organization
Weaknesses of the organization
Opportunities that may present themselves
Threats to achievement of objectives