Integrated Risk Management
Through the application of technology and automation, we'll help you manage your risks efficiently and effectively across the entire enterprise.
Identity and Access Management
We'll help you ensure everybody within your organisation has access to the right systems and data, for the right reasons, and at the right time.
Cyber & Application Security
Our experts will uncover security weaknesses within your security design and business-critical applications. Helping you protect your organisation from both internal and external threats.
About us
A group of passionate individuals with a shared purpose to help the world's leading companies embrace best practices for GRC and risk management.
Turnkey's strategic partner network consists of selected organisations that complement our capabilities.
Corporate Social ResponsibilityCSR
We are committed to being agents for change through our Climate Action Plan, championing diversity in our workplaces, and more.
Get in touch
We have operations in all corners of the globe, so see which office is nearest to you and connect with them.
We have operations in all corners of the globe, so see which office is nearest to you and connect with them.
Webinars & eBooks
All of Turnkey's webinars, guides and other insights available in one place.
Read the latest insights from our experts on GRC and risk management, covering the latest industry topics.
Press Coverage
See all the publications where Turnkey, our experts and our successes have been noted.
Key events
See the key industry conferences on GRC, SAP security and risk management which we are attending.
Case Studies
Client satisfaction is of the utmost importance to us, and we strive to constantly deliver above expectations, going the extra mile at every opportunity.
We've put together a comprehensive list of frequently asked questions - along with our responses - to the most common GRC and SAP security issues.
19 January 2017

Risks Management: The  IoD’s New Directors Competency Framework

The Institute of Directors recently released their new ‘Director’s Competency Framework’. The framework is the latest effort by the IoD to define the competencies required by Directors and the knowledge, skills and mindset they need in order to be effective.

From a Risk Management practitioner’s perspective it is interesting to note that risk and the management of risk is mentioned several times in the framework. The framework defines an understanding of good corporate governance as a core competency required by Directors and this is first the area that risk management is mentioned.

The corporate governance section of the framework covers risk management is highlighted in key sections.

Risk Oversight:

  • Risk appetite and the role of growth and value creation.
  • The structures and systems which enable your organisation to effectively identify, assess and manage risks. 

Firstly, it is essential for directors to set the “tone from the top” and the IoD recognises this as a core requirement. Secondly, it is important to develop the structure and systems necessary for effective risk management. 

Strategic Thinking

  • Opportunities and threats: Identify opportunities and threats to the organisation, combine the internal and external business environment.
  • Considering the impact of decision: Identify the potential impact of decisions and offer contingency plans and risk mitigation. Strategic direction is a core competency for any director and is key in decision making. The implication here is that the assessment and evaluation of risk in the context of strategic direction is a core competency for any Director. 

Decision Making:

  • Taking appropriate risks: Take calculated risks in the context of the organisation’s strategy and the appetite of the board. 

What is encouraging about this final statement is that it clearly highlights the value that can be derived from managing risk effectively .

I have personally been involved in the IoD for several years now and have completed their Chartered Director qualification. Whilst I found this to be of value to me personally it could definitely be argued that the qualification is a little inaccessible and is primarily geared towards those taking the IoD’s formal training. The Director’s Competency Framework is much more accessible and that can only be a good thing. It is also great to see that it puts good risk management out there as a critical skill that all Directors need to have. 


Download our complimentary guide on Managing Compliance or Managing Business Risk and find out how you can improve your risk management.