PRINCE2® 7 is here. Check our PRINCE2® 7 Offers

All About Management of Risk (M_o_R®) Framework

Management of Risk or M_o_R 4 (aka MoR 4) is the latest edition of Management of Risk – a must-have certification for roles where managing risk is inherent, including portfolio, programme, project, business change and risk management professionals. Management of Risk 4 has a specific relevance for individuals working in product focussed environments / roles, offering a compelling integrated solution for the unique challenges faced by modern, digital-first organizations.

MoR 4 has been developed for candidates and practitioners who are interested in understanding how risk links to opportunity and the delivery of benefits, and in communicating or cascading this to stakeholders.

Managing Successful Programmes
History of MSP

History of Management of Risk (M_o_R®)

  • Management of Risk (M_o_R®) was originally developed in 2002.
  • The main trigger for development of this framework was Turnbull Report on Corporate Governance that set out internal best practice for UK listed companies.
  • The prime purpose of M_o_R® was to assist organisations of all scales in assessing the risks associated with decision making.
  • Second edition of M_o_R was released in 2007 which become globally known.
  • Third edition of M_o_R was released in 2009 making the framework more relevant to the global risk management practices.
  • Current release is the 4th edition of the framework, publicly available since late 2022
  • Despite originating in the government sector, it is widely used in public and private sectors across the globe for successful risk management.

Risk and Risk Management

  • M_o_R defines a risk as:
    • Risk is an uncertain event or set of events that, should it occur, will have an effect on the achievement of objectives. Risk is a neutral concept; risks can either be threats (downside risks) or opportunities (upside risks).
  • M_o_R identifies risk management as:
    • Risk management is the coordinated direction and control of an organization, undertaken to protect and create value in the face of risk.
Risk and Risk Management | Tecknologia

The Management or Risk 4 Handbook

  • The Management of Risk Study Guide
    • Defines full content of M_o_R
    • Is definitive source for all M_o_R exams
    • Supports training and exams
    • Can be used in Practitioner exam (open book exam)
  • Structure of the handbook:
    • 14 Chapters
    • 2 Appendices
Management of Risk 4 Handbook
MoR Principles

8 M_o_R PRINCIPLES for Effective Risk Management

  1. Aligns with objectives
  2. Fits the context
  3. Engages stakeholders
  4. Provides clear guidance
  5. Informs decision-making
  6. Facilitates continual improvement
  7. Creates a supportive culture
  8. Achieves measurable value

The first seven principles are enablers. The final principle is the result of implementing risk management well.

The M_o_R Perspectives

In order to allow the effective escalation, delegation and/or aggregation of risks and to identify and manage common themes within any organization it is very important to ensure that there is an integrated risk management approach across M_o_R perspectives.

Most organizations will not operate across all six perspectives, but all will have strategic and operational objectives, and most will have some objectives related to changing the organization or to the product development and management.

MoR Perspectives

The People Considerations

Individuals (in groups) interpret data in situations and make judgements (educated guesses) under uncertainty.

Given that people make the judgements and take the actions, risk management can never be successful if people considerations are ignored.

People considerations in risk management are addressed by M_o_R principles of engaging stakeholders and creating a supportive culture.

M_o_R People Considerations
M_o_R Processes

The M_o_R Processes

A structured set of activities that define the sequence of actions and their inputs and outputs to achieve a specific objective.

  1. Define the context and objectives
  2. Identify threats and opportunities
  3. Pruiritize Risks
  4. Assess combined risk profile
  5. Plan responses
  6. Agree contingency
  7. Monitor and report progress
  8. Review and adapt

Are you ready to become a certified Management of Risk professional? Click here to explore relevant certification training and achieve the next level in risk management profession.

Why MoR?

Why Management of Risk (M_o_R)?

  1. MoR Addresses common programme challenges:
    1. M_o_R directly supports the risk management and risk-based assurance elements of corporate governance by providing a principal-led risk management process that can be tailored for application at, across, and between multiple organizational perspective.
    2. This process specifically enables the aggregation and escalation of risks to the strategic level to gain the attention and support of the responsible officers of the organization.
    3. Risk-taking is important to create and protect value: the very essence of organizational survival and growth.
    4. And awareness of risk enables organizations to create a relative advantage, particularly in VUCA context, enabling resilience in the face of emerging change and disruption.
    5. Depending on the objectives at risk, effective risk management is likely to produce benefits that apply equally across private, public and charitable sectors.
Management of Risk Training and Certification

MoR Training and Certification

Management of Risk (M_o_R) certification trainings are provided by PeopleCert's Accredited Training Organizations (ATOs) across the globe. Tecknologia is also a PeopleCert Accredited Training Organization (ATO) offering Management of Risk (M_o_R) certification trainings across the globe and in various formats.

Certification Level Course Duration (Virtual Classroom) Course Duration (Classroom) Certificate Valid for
MoR Practitioner 3 Days 3 Days 3 Years

M_o_R 4 does not have a foundation level training and certification.

Click on the links for certification levels to explore the pre-requisites, exams and other details.

In comparison: PMI-RMP® (Risk Management Professional)

  • PMI-RMP is more focused on project risk management (while M_o_R is not strictly connected to project management, it addresses 6 perspectives).
  • PMI-RMP was last updated in 2002
  • There are strict prerequisites for candidates, including:
    • Secondary degree (high school diploma, associate’s degree or the global equivalent) OR 4 years degree.
    • 36 months OR 24 months of project risk management experience within last 5 years.
    • 40 hours OR 30 of project risk management education.