Enhance Your Ability to Manage Risks in line with Business Needs

M_o_R® is a route map for risk management, bringing together principles, an approach, a set of interrelated processes, and pointers to more detailed sources of advice on risk management techniques and specialisms. It provides advice on how the principles, approach, and processes should be embedded, reviewed and applied differently depending on the nature of the objectives at risk.

M_o_R® combines an overall approach with a set of processes and principles. It also shows people how to embed these practices, review them, and where necessary adapt them to changing circumstances.

To manage risks over the long term, risk management must be embedded, reviewed and constantly improved.

At the heart of M_o_R® lies three core principles:

  • M_o_R® Principles: recognise that risk management is a subset of internal controls;
  • M_o_R® Approach: should be agreed and clearly defined with principles adapted to each organisation;
  • M_o_R® Processes: comprise of six distinct process steps to ensure that risk is systemically identified, assessed and controlled.

An M_o_R® 'health check' can be used to establish how well risk management is embedded in an organisation and consequently how to improve it.

M_o_R® is informed and aligned with the international standard ISO 31000:2009.

What is the M_o_R® certification?

PEOPLECERT M_o_R ATO LogoThe M_o_R® is a part of the AXELOS Global Best Practice portfolio. The M_o_R® certification has Foundation and Practitioner levels, and provides a basis for accreditation of people involved in risk management activities and helping them make informed decisions about the risks that affect their strategic, programme, project and operational objectives.

Target Audience

The M_o_R® certification is designed for candidates:

  • who see the need for guidance on a controlled approach to identification, assessment and control of risks at strategic, programme, project and operational perspectives;
  • who are Business Change Managers, Programme and/or Project Managers, Risk Managers, Business and Programme and/or Project Support managers and team members, and Operational managers and team members;
  • who are managers and staff members from other disciplines, particularly those responsible for establishing standards and/or integrating them with other Global Practices such as: MoP® (portfolio management), MSP® (programme management), and PRINCE2® (project management);
  • who need to know the terminology used and some of the theory behind the practice;
  • who plan to achieve the higher level of the M_o_R® Practitioner qualification;
  • who work within a corporate governance environment that has responsibilities for identifying, assessing, planning, or managing risks, or reporting on risk management activities across the organisation.

Course Outline

Area 1: M_o_R® Framework

  • Benefits of Risk Management
  • Difference between a Risk and an Issue
  • 4 Key Elements: Principles, Approach, Process and Embedding and Reviewing
  • Actions for Effective Risk Management: Identify, Assess, Plan and Implement
  • Decision-making Considerations for Long-term, Medium-term and Short-terms Objectives
  • Drivers and Influences to Increased Focus on Risk Management, Corporate Governance and Internal Controls
  • Applying the M_o_R® Framework to an Organisation and Tailoring the Implementation for a given scenario
  • Benefits of implementing or improving Risk Management practice

Area 2: M_o_R® Principles

  • Risk Capacity, Risk Appetite, Risk Tolerance, Key Performance Indicator (KPI), and Early Warning Indicator (EWI)
  • Purposes and Outcomes of the 8 Principles: Aligns with Objectives, Fits the Context, Engages Stakeholders, Provides Clear Guidance, Informs Decision-making, Facilitates Continual Improvement, Creates a Supportive Culture, and Achieves Measurable Value
  • How the 8 Principles support Corporate Governance and Internal Control
  • How the 8 Principles are supported by KPIs, EWIs, Tolerance Threshold, Stakeholder Analysis, Approach Documents, Health Check, Maturity Model, and Lessons Learned respectively
  • Link between Risk Tolerance and Escalation
  • Understanding of Development and Refinement of Scalable and Context-specific Risk Management Practices

Area 3: M_o_R® Approach

  • Purposes, Relationships and Recommended Contents of the 9 M_o_R® documents: Risk Management Policy, Risk Management Process Guide, Risk Management Strategy, Risk Register, Issue Register, Risk Improvement Plan, Risk Communications Plan, Risk Response Plan, and Risk Process Plan
  • Important Concepts of the 3 central Approach Documents: Risk Management Policy, Risk Management Process Guide, and Risk Management Strategy
  • Key Components of Risk Register
  • Difference between Cause, Event and Effect of a Risk

Area 4: M_o_R® Processes

  • Importance of Risk Management as an Iterative Process
  • Definitions of Probability, Impact and Proximity
  • Steps and sub-steps of the M_o_R® Processes: Identify (identify context and identify risks), Assess (estimate and evaluate), Plan and Implement
  • Understanding of Goals, Inputs, Outputs, Techniques and Tasks
  • Creation, Usage and Update of the 9 M_o_R® Documents in the M_o_R® Processes
  • Common Process Barriers to Success to Implementing the Risk Management Process
  • Differences between Inherent Risk, Secondary Risk and Residual Risk
  • Differences and Relationship between Risk Owner and Risk Actionee
  • Communications throughout the M_o_R® Process
  • Stakeholders and their Importance to the Identification, Assessment and Control of Risk

Area 5: Embedding and Reviewing

  • Definitions and Purposes of Risk Management Health Check and Risk Management Maturity Model
  • Purpose and Concepts of Embedding and Reviewing into the Organisational Culture
  • Issues related to Embedding and Reviewing Risk Management
  • Ways to Measure Value in Implementing Risk Management
  • Ways to Overcome Barriers, Obtain and Develop Senior Management Commitment and Support, and Build and Develop a Risk-aware Organisational Culture
  • Methods, Actions and Responsibilities for Building and Developing a Risk-aware Organisational Culture

Area 6: Perspectives

  • Purposes of the Strategic, Programme, Project, and Operational Perspectives
  • Definitions of Contingency, Enterprise Risk Management, and Central Risk Function
  • How the Principles are applied and respective focus of concern for each Perspective
  • Risk Management Responsibilities of Senior Team, Senior Manager, Manager, Assurance, Risk Specialist, and the Team
  • Purpose of Integrating Risk Management across the Perspective
  • Performance and Process Measures of Value enabled by Risk Management
  • Application and Tailoring of the M_o_R® Framework to Organisational Perspective

Area 7: Common Techniques

  • Risk Description Technique: Cause, Event, and Effect
  • Risk Responses: Avoid, Exploit, Reduce, Enhance, Transfer, Share, Accept and Prepare Contingency Plans
  • PESTLE Analysis, SWOT Analysis, and Horizon Scanning
  • Stakeholder Analysis, Influence/Interest Matrix, RACI Diagram, and Probability Impact Grid
  • Checklist, Prompt List, Risk Breakdown Structure, and Cause and Effect Diagram
  • Probability Assessment, Impact Assessment, Proximity Assessment
  • Brainstorming, Nominal Group Technique, and Delphi Technique
  • Questionnaires and Individual Interviews
  • Assumptions Analysis and Constraints Analysis
  • Relationship between Probability, Impact and Expected Value
  • Expected Value Assessment for Individual Risks
  • Summary Expected Value for Organisational Activities
  • Monte Carlo Simulation, Sensitivity Analysis, Probability Tree and Decision Tree
  • Cost Benefit Analysis, Summary Risk Profile, and Exposure Trends

Area 8: Risk Specialisms

  • Business Continuity Management
  • Incident and Crisis Management
  • Health and Safety Management
  • Security Risk Management
  • Financial Risk Management
  • Environmental Risk Management
  • Reputational Risk Management
  • Contract Risk Management

M_o_R® Exam Format

 M_o_R® FoundationM_o_R® PractitionerM_o_R® Re-Registration
Question TypeMultiple ChoiceMultiple Choice;
objective testing based on a case-study scenario
Multiple Choice;
objective testing based on a case-study scenario
No. of Questions75 (5 trial and unscored)80 (4 main questions,
each subdivided to 20)
20 (2 main questions,
each subdivided to 10)
Duration60 minutes3 hours90 minutes
Passing Score (%)35 out of 70 (50%)40 out of 80 (50%)20 out of 40 (50%)
Exam StyleClosed-bookRestricted open book
– only the Official Manual and ABC Guide Part A Example Techniques Guidance
may be used
Restricted open book
– only the Official Manual and ABC Guide Part A Example Techniques Guidance
may be used

"The whole is more than the sum of its parts."

~ Aristotle