Get connected

You are here:

You are here

Risk management and leadership competence framework

Every day, we face a range of evolving strategic, financial, operational and technological challenges. Whether it’s customers seeking to eliminate risk, employees wanting more flexibility, society expecting higher standards or regulators expecting increased assurances more than ever before, very few of us, have all the skills and knowledge to manage the risks involved.  

Today, an organisation’s success tends to be defined by lower costs, better products or services and real excellence at delighting customers. But what do all these things have in common? Healthy, happy, motivated and able employees, as without them, these successes would not be realised.

Whether you are entering the health and safety profession, working in a strategic position heading up a global risk management or specialist department, or a business professional requiring a greater understanding of how to effectively manage risk, IIRSM’s competency framework offers guidance and a benchmark in which to recruit, retain, and develop staff or yourself.  

Organisations need to take risks to create value and need to manage risks to protect value. People, reputation and profits are protected when everything is going right, seldom when things are going wrong. Risk-based decision-making helps to deliver strategy, manage costs, supply chains, keep people safe, and better respond to risks. Effective risk management can be a real advantage. 

IIRSM’s framework is a useful tool for both organisations and individuals to assess their capabilities and to find out whether they are resilient and competent to manage risk, in all their forms. 

We would like to thank the extensive network of members and partners who have been involved and contributed to the development of our framework. Your input over the last 18 months has been invaluable.

The tabs below provide a summary of the framework, and you can download the full document setting out all competences from the bottom of the page.

Framework overview

IIRSM’s risk management and leadership competence framework supports the belief that risk management should be part of everyone’s responsibilities and is a transferable skill from any sector, geographical location and type of organisation. The framework is a useful vehicle to:

  • Provide a consistent approach across an organisation to managing its risks, in all their forms.
  • Enhance employee and organisational effectiveness through raising awareness of how to identify, communicate and act on risk to improve decision-making.
  • Support HR teams to embed risk management competence into existing and new job roles.
  • Understand risk management training needs.
  • Integrate risk management into existing organisational policies, procedures and cultures.
  • Enhance career opportunities, as risk management is increasingly recognised as a core competence for many decision-making roles.
Framework structure

The framework includes technical, business and behavioural competences, as all three are required to be a competent person able to make sound, well-judged decisions to manage risk, in all its forms.

The competences are presented in a generic way so they can be interpreted and applied to different areas of practice, specialism and to different geographical locations. It is important that the user understands and applies them within the context in which they work.

As a guide, the competences and behaviours are set at three levels of attainment linked to career progression and the IIRSM membership structure.

Operational – knowledge and understanding, with some application.

Managerial – Clear application of knowledge.

Strategic – Reasoned advice and depth of complexity.

The required level of competence will depend on an individual’s role, seniority, responsibilities, experience and area of practice.

Competences and behaviours
Technical competences and leadership behaviours

The following provides an overview of the seven areas of competence and eight behaviours, with business competences incorporated into each. Download the full framework for details of the specific knowledge and skills required at each career level - Operational, Managerial and Strategic for each area of competence and behaviour. 

Area of competence

Organisational context

Understands the evolving relationship between the organisation and external forces that shapes the way in which it responds to risk.

The role of risk management

Applies risk management across the organisation and educates stakeholders to identify and act on risk.

Strategy, objectives, policy and procedures

Develops and implements an organisation’s approach and attitude to the way in which it manages risk.

Project/change management

Enables organisations to create significant opportunities and recognises associated risks.

Stakeholder engagement

Ensures risks are efficiently addressed through understanding stakeholders and their motivations.

Data management

Ensures data is appropriately managed and decisions are founded on reliable information.

Risk and organisation reporting

Defines performance measures and provides the right information in required formats in a timely manner to the appropriate decision-makers.

Area of behaviour


Works with stakeholders in a manner that encourages and persuades others to contribute effectively.

Emotional intelligence

Demonstrates an open attitude to all, irrespective of circumstances, recognising and valuing different stakeholders’ perspectives and input.


Builds consensus, trust and respect by sharing information, ideas and resources in a manner that increases contribution from others.


Communicates clearly and concisely, recognising audience capabilities, and listening to stakeholders in an open and courteous way.


Identifies uncertainties as potential opportunities and challenges the status quo. Takes calculated risks whilst respecting objectives and values.


Demonstrates trust, fairness and openness and remains true to values irrespective of pressures.


Pursues objectives through to the end, demonstrating resilience, courage, adaptability and energy to achieve goals.


Works logically, considers options and sets clear and measurable targets which balance competing priorities.