I am attempting to gather a significant amount of data in relation to the state of risk management across sectors (Government, private and not for profit). I would like to get in excess of 1000 responses from each market sector so it would be greatly appreciated if you could complete the survey and, if you have colleagues in other organisations that you think may like to complete the survey, please pass it on to them.

The survey should take no more than 7-10 minutes to complete.

Results will be published in a subsequent Paladin Risk Management Services Newsletter. You can sign up for the newsletter at

Thanking you in advance

Rod Farrar

* 1. What type of organisation is your organisation?

* 2. What is the size of your organisation?

* 3. How would you categorise your position within the organisation?

* 4. Does your organisation have a Board of Directors?

* 5. Does the Board have a Board Risk Committee or Equivalent (e.g. Board Audit Committee)?

* 6. How often does the Board Risk or Audit Committee meet?

* 7. Does the organisation have an Operational Risk, Risk and Audit, or Audit Committee?

* 8. How often does the Operational Risk, Risk and Audit or Audit Committee meet?

* 9. Does your organisation have a Chief Risk Officer?

* 10. Does your Chief Risk Officer have the same level of seniority as other Senior Executives (e.g. CFO, CIO etc.)

* 11. Does your Chief Risk Officer have a "seat at the table" when the organisation develops its strategic plan?

* 12. If you do not have a Chief Risk Officer, does the organisation have someone who has responsibility for the coordination of the risk management program across the organisation?

* 13. Does the person who has the risk management coordination role have sufficient authority to influence how risk management is integrated into the business?

* 14. Does your organisation have a risk management policy?

* 15. Was the Policy developed:

* 16. Does your organisation have a risk management plan (may be called procedure, work instruction .etc)?

* 17. Was the Plan developed:

* 18. Has the organisation developed a strategic risk register?

* 19. What are the sources of strategic risk to your organisation(multiple can be chosen)?

* 20. Many organisations have multiple risk registers. Please indicate which risk registers you have:

* 21. Does your organisation proactively measure the value the risk management program is adding to the achievement of organisational objectives (e.g. risk audit/risk maturity assessment)?

* 22. How often are risk audits or risk maturity assessments conducted on your risk management program?

* 23. Has/does your organisation provide dedicated risk management training to individuals with risk management roles and responsibilities?

* 24. Is the training provided:

* 25. Is training provided by:

* 26. Are risk management accountabilities incorporated into the individual agreements with senior managers? 

* 27. Has the organisation developed performance measures for the risk management program?

* 28. Does the organisation monitor performance against the performance measures?

* 29. What are the barriers to effective risk management within your organisation (more than one option can be chosen)?

* 30. Is risk management explicitly integrated with other organisational programs such as the internal audit and compliance program?

* 31. Overall, how would you rate the risk management program in your organisation?