CLIENT'S CHALLENGE
The agency is facing several challenges in defining and embedding its risk appetite:
Leadership Alignment
Ensuring consistency in risk perspectives across cohorts – CEO, Board, and Executive Management Teams.
Operational Clarity
Providing clear risk boundaries to guide decision-making.
Governance and Assurance
Integrating risk appetite into governance, reporting, and assurance frameworks; and using it to shape early risk reporting
Cultural Integration
Embedding a common risk language across business units.
Project Management Support
Leveraging risk appetite to guide project governance and controls.
The organisation required a structured, phased approach to defining risk appetite, ensuring early wins while setting the foundation for long-term risk maturity.
OUR APPROACH
Metropolis Advisory applied a structured approach for focused and authentic conversations. Working closely with the CEO, Board and Executive Leadership Team, our strategy assisted the business prioritise areas for greatest scrutiny through:
Engaging the CEO
- Confirmed the CEO’s vision, risk language, and strategic priorities.
- Established how risk appetite aligns with the agency’s objectives and supports decision-making.
Engaging the Board Chair and ARC Chair
- Conducted focused discussions to align perspectives on risk appetite.
- Identified points of divergence for further consideration and refinement.
Early Wins: Practical Integration of Risk Appetite
- Identified and leveraged existing risk practices that aligned with strategic objectives.
- Set risk tolerances using the agency’s Risk Consequence criteria.
- Used real examples to drive risk appetite framework development, and refined the risk register to include consideration of risk tolerance.
- Integrated risk appetite principles into reporting, governance, and assurance practices. Made adjustments to the Risk Framework as required to align.
Board and Executive Team Alignment
- Developed a risk appetite statement with clearly defined boundaries (tolerance limits), using the existing Risk Framework’s collateral
- Established a structured review and reporting cycle.
- Defined expected behaviours to ensure alignment with decision-making and risk-taking practices.
- Applied the statement to several topical scenarios to validate and socialise with the team.
Internal Controls Library and Common Language
- Assessed existing internal controls to create a single-source reference for governance and risk management.
- Reinforced a consistent risk language across business units.
- Integrated risk appetite principles into the Project Management Office to ensure strategic alignment.
FROM OUR CLIENT
“The structured approach to defining risk appetite, and using it early to shape our reporting, has significantly improved decision-making and governance within our agency. Our leadership team now has clear parameters to guide risk-taking, and teams feel more confident in making informed decisions. Over time, it will help us with timely escalations as threats arise.”
VALUE-ADDS & CLIENT OUTCOMES
By adopting a structured and practical approach, the agency has so far achieved:
Targeted Risk Management
Defined risk appetite aligned with strategic objectives, enabling better decision-making.
Stronger Governance
Integrated risk appetite into governance, reporting, and assurance practices.
Leadership Alignment
Established a shared understanding of risk appetite among the Executive, Board, and ARC, and priority risk areas.
Operational Consistency
Created a single-source internal controls library to drive consistent risk practices.
Empowered Teams
Enhanced confidence in risk-based decision-making across the organisation.
At Metropolis Advisory, we believe a well-articulated risk appetite statement is a powerful tool for enabling strategic decision-making. By engaging leadership, aligning governance frameworks, and embedding risk appetite into everyday operations, organisations can empower teams to take informed risks within clearly defined boundaries.
