Treasury Board of Canada Secretariat
Symbol of the Government of Canada


ARCHIVED - Integrated Risk Management Implementation Guide


Warning This page has been archived.

Archived Content

Information identified as archived on the Web is for reference, research or recordkeeping purposes. It has not been altered or updated after the date of archiving. Web pages that are archived on the Web are not subject to the Government of Canada Web Standards. As per the Communications Policy of the Government of Canada, you can request alternate formats on the "Contact Us" page.


About This Guide

This guide provides practical advice to those leading and facilitating implementation of integrated risk management in their organizations. It will be useful as well in increasing understanding and collaboration where needed. Risk champions familiar with the IRMF can look to the guide for what to do next. The guide is also a reference tool for assessing progress and identifying gaps in organizations where integrated risk management is already underway.

The guide's focus is integrated risk management, not risk management. Much material is available on various aspects of risk management (project, financial, health and safety, etc.), more than could even be usefully summarized in this guide. The guide section on Element 3 therefore focusses, as its title suggests, on "practising integrated risk management." For material on risk management in specific circumstances, readers are directed elsewhere (e.g. to the appendices, references, and the TBS Web site).

The guide relies on lessons learned by implementation leaders, particularly members of the IRMF Implementation Council.¹ Federal experience with integrated risk management, and most experience worldwide, is on Elements 1 (Developing the Corporate Risk Profile) and 2 (Establishing an Integrated Risk Management Function—Integrating Risk Management into Existing Decision-making Processes and Reporting). There is less information on and practical experience with Elements 3 and 4, i.e. the ongoing practice of integrated risk management and continuous risk management learning. As the practice of integrated risk management matures and a broader range of organizations gain experience, more examples will be available from which lessons can be drawn.

Structure and Format

Following the introductory material and tips for getting started, the guide is divided into four sections, reflecting the four elements of the IRMF:

  1. Developing the Corporate Risk Profile;
  2. Establishing an Integrated Risk Management Function—Integrating Risk Management into Existing Decision-making Processes and Reporting;
  3. Practising Integrated Risk Management; and
  4. Ensuring Continuous Risk Management Learning.

For ease of reference, these sections contain common sub-sections offering practical advice and examples. The sub-sections are as follows:

The Fundamentals. What every organization needs to establish the particular IRMF element under discussion.

How to Do It. Approaches, practices, tools, and processes based on what has worked for organizations in the process of implementing integrated risk management.

Questions to Consider. What to consider in tailoring integrated risk management implementation to reflect the unique characteristics (mandate, readiness, size) of the organization, its culture, and its work environment.

Examples. Cases to illustrate how organizations implemented integrated risk management and sources of additional information, tools, techniques, and templates to help to get started and address issues and challenges as implementation proceeds.

Some references are listed at the end of this guide; in addition, the Integrated Risk Management Framework and other resources are available on the TBS risk management Web site at /rm-gr/site/default.aspx.

Also at the end of the guide is an overview chart summarizing the steps in implementing an integrated approach to risk management within an organization. It describes key requirements and decisions for the critical stages in the process. Following the overview are summaries of what and how for establishing each IRMF element—practices and techniques for what organizations have done or need to do to develop and implement the particular element.

  1. The mandate of the Implementation Council is to advance the implementation of the IRMF across the federal government. The Implementation Council is composed of representatives of departments and agencies whose deputy heads have agreed to be IRMF implementation leaders. Members of the Implementation Council include Agriculture and Agri-Food Canada, Canada Customs and Revenue Agency, Citizenship and Immigration Canada, Environment Canada, Fisheries and Oceans Canada, Human Resources Development Canada, Indian and Northern Affairs Canada, Industry Canada, National Defence, Natural Resources Canada, Royal Canadian Mounted Police, Transport Canada, Treasury Board of Canada Secretariat, and Veterans Affairs Canada. At the time of writing this guide, Health Canada, the Immigration and Refugee Board, and Public Works and Government Services Canada were not formal members of the Council but nevertheless have been actively engaged in implementing integrated risk management in their organizations.