What framework involves policies and procedures for managing risk exposure?

The Enterprise Risk Management (ERM) framework focuses specifically on identifying, assessing, and managing risks that could potentially impact an organization's objectives. It encompasses a structured approach to risk management, integrating it into an organization’s overall governance structure, strategic planning, and day-to-day operations. This framework facilitates a comprehensive understanding of risks across the enterprise, emphasizing a proactive stance in managing risk exposure.

An effective ERM framework includes policies and procedures that guide the organization in assessing risk and making informed decisions to mitigate those risks. This includes identifying potential risks, evaluating their impact, and developing strategies to address them.

Other frameworks, while important, have different focuses. The Risk Management Framework is more about the process of managing risks specifically, while the Governance Framework emphasizes organizational governance structures and policies. The Compliance Framework has a narrower focus on adherence to laws and regulations rather than a holistic view of risk across the organization.