This guide aims to bring together elements of best practice for risk management, to prompt boards to consider how to discharge responsibilities in relation to existing and emerging principal risks faced. It also aims to reflect sound business practice, whereby risk management and internal control are embedded in the business process, and to highlight related reporting responsibilities.