Our Services

RM4C are focused on tailoring solutions to address your risk management needs.  We invest time in understanding your objectives to ensure the services provided will add value.  We work at all levels of an organization from Board through the Senior Executive team through to operations.  The range of services available are grouped into three areas.

Risk Profiling

Strategic Business Risk Profiling

The strategic business risk profile is the process for applying ISO 31000:2009 Risk Management to your organisation.  We walk through a structured process to build an organisational risk register.  This begins with a process to understand your organization's strategic objectives and risk appetite.  We then apply this knowledge through structured interviews with individuals within your business with responsibility for various risks to understand how risk is managed within your business.

The outcome of this process is a detailed risk register and a risk management plan to maintain controls and close out gaps identified.  The Risk Management Plan will include timelines and actions developed with an understanding of the available resources.


Enterprise Risk Management (ERM)

ERM has become the industry acronym for implementing risk across all levels of an organization.  RM4C adopt the methodology of ISO31000:2009 Risk Management to develop and implement a risk management framework that is designed to suit the size and risk profile of your organization.  Whilst the risk identification and assessment is an integral part of this process, risk is not managed until controls are allocated to individuals and reporting processes are implemented to monitor effectiveness. Implementation of ERM is a journey, requiring a project plan, milestones and adequate resources.  Our process ensures this project plan is defined at the outset and milestones are agreed to walk the journey with you.

Governance Risk Compliance (GRC)

GRC is the latest buzz term for all things risk.  At RM4C we see an organization's risk framework as the link between their governance processes and their compliance requirements.


Business Resilience

In a competitive business environment, organizations that are well prepared to address adverse challenges or interruptions to their business can create a competitive advantage.  Supporting organisations to build their resilience can include a range of activities:

  • Business Resilience Assessment – to assess the readiness of an organisation to handle interruptions of various types;
  • Business Interruption Reviews – to assess exposures against insurable interruptions to the business;
  • Business Continuity Planning, Crisis Management and Disaster Recovery Planning – documenting plans for proactively responding to crisis and adverse events;

Risk Strategy


RM4C can help organisations tailor their risk management processes in order to manage risk most effectively.  This could include creating efficiencies out of the adoption of software solutions, and considering innovative solutions for acquiring the resources required depending on your risk profile, risk appetite and risk maturity.

Property Portfolio Risk Strategy

RM4C have developed particular expertise in delivering risk improvement programs for clients with extensive property portfolios.  These programs are defined based on the available resources, the risk appetite for the client and the strategic imperatives for the business.  For example, a large food supplier that has a single site manufacturing a key ingredient for other manufacturing sites will have a different risk strategy compared to a franchise business with 100's of retail outlets.  The structured process will assess your needs and design a program of works to address risk across your portfolio in a structured fashion.  This kind of program will deliver particular economic benefits when it is actively promoted to your insurers. 

Risk Engineering

RM4C have the experience and technical expertise to provide advice on all your technical risk matters.  Our advice will always reference the relevant standards and codes and comes with the commercial understanding of your business context.  We acknowledge the need to communicate technical risk management controls to both internal and external stakeholders in a practical and independent fashion.  The types of risk engineering activities undertaken include:

  • Property Risk Assessments;
  • Fire Safety Studies;
  • BCA Reviews;
  • Public Liability Reviews;
  • Product Liability Reviews;
  • Loss Estimate Studies;
  • Combustible Dust Risk Assessments.

Project Risk

In many ways, a project can be considered a business with a start and a finish.  Many of the risks will be the same, but one of the key consequences to be considered is the need to keep projects on time and in budget.  At RM4C we apply the ISO31000:2009 Risk Management standard and tailor it to consider the defined nature of projects.  The effective management of risk still requires a plan, resources and milestones to monitor activities and ensure continual improvement.