Risk Maturity Model Recognition Program Evaluation Criteria

RMM Recognition Program

The RMM Recognition Program seeks to recognize organizations that have achieved the minimum threshold of acceptable ERM, as outlined by regulatory and agency standards for risk management. As defined by the RMM assessment, this includes all programs which have received a Maturity Level of 3 or above, indicating they have a scalable, repeatable, and sustainable ERM process in place. The RMM Recognition Program aims to highlight leaders and establish industry standards, with the ultimate goal of enhancing the discipline of enterprise risk management.

RMM Scoring MethodologyRisk Maturity Model RMM Assessment Structure

The Risk Maturity Model outlines seven attributes, or components of a successful enterprise risk management program, which breaks into 25 competency drivers. During the RMM assessment, organizations score how well they embody each of the drivers using three dimensions:

(1) Effectiveness – Measures the frequency and effectiveness of key risk management activities (i.e. Are assessments ad-hoc or completed annually? Are high risks reviewed at least quarterly?)

(2) Proactivity – Measures forward-looking risk management versus reactive after events occur (i.e. Is risk management part of employee training? Are emerging risks regularly considered?)

(3) Coverage – Measures the breadth and depth of risk management within the organization (i.e. Does responsibility span across all departments and all vertical levels of the organization?)

Once all drivers are assessed, the RMM scores an organization’s ERM program, ranking its maturity and alignment with best practices. On a 5-level scale, receiving a score of (1) ad hoc or (2) initial, indicates a very basic or non-existent ERM program, whereas achieving the upper levels, (3) repeatable, (4) managed, and (5) leadership, indicates ERM programs that are established and increasingly aligned with industry standards.

RIMS Risk Maturity Model helps add 25% to organization's bottom line valueValue of Maturity

In 2014, Queens University in Europe conducted an independent research study on the RIMS Risk Maturity Model (RMM). Published as a comprehensive report, the Queens University study found that as organizations achieve higher levels of maturity, as defined by the RMM, they can experience up to a cumulative growth of 25% to their bottom line value.

Benefits of Recognition

With expectations for enterprise risk management spanning from the financial services industry, through energy, retail, and so on, organizations are increasingly concerned with adhering to evolving best practices. Organizations who receive the RMM Recognition will have access to a network of other successful peers, and best-practice knowledge driven by risk management standards such as the RMM.

Benefits for recipients include, but are not limited to, the following:

  • RMM community involvement
  • Advanced RMM reporting
  • Network with other distinguished risk management professionals
  • Access to the RMM knowledge base, community & expert portal

Announcement

Organizations that accept and receive the RMM Recognition will be acknowledged at the annual RIMS ERM Conference. Attendance to the conference is not required or expected in order to receive this recognition, and those who do not attend will still be acknowledged and will be sent their certificate of recognition via mail.

Click to learn more about the 2016 and 2015 Recipients.