Guide8 min read
What Is a Risk Register? Definition, Purpose & Examples
Learn what a risk register is, why it matters, and how to use one effectively in your organization. Includes real-world examples and best practices.
Learn Risk Management
Master enterprise risk management with expert guides, frameworks, and best practices.
Guide
Inherent vs Residual Risk: Key Differences Explained
Understand the difference between inherent and residual risk, and why tracking both matters for ERM.
Guide
Risk Likelihood and Impact Scoring: A Practical Guide
Master risk scoring with likelihood and impact matrices. Includes examples and best practices.
Guide
Types of Risk Controls: Preventive, Detective & Corrective
Learn the 3 types of risk controls with examples. Build a balanced control framework for effective risk management.
Tutorial
How to Create a Risk Register (Step-by-Step)
A complete guide to building your first risk register from scratch with practical examples.
Tutorial
How to Review and Update a Risk Register
Establish a sustainable review process that keeps your risk data accurate and actionable.
Tutorial
How to Link Risks, Controls, and Actions
Build connected relationships that show how your organization manages risk from identification through mitigation.
Guide
Risk Registers & Internal Audit: How They Work Together
Discover how risk registers support internal audit planning, execution, and follow-up for stronger governance.
Tutorial
How to Prepare for an Internal Audit Using a Risk Register
Get your risk register audit-ready with proper documentation and evidence organization.
Guide
Risk Registers vs Compliance: Understanding the Difference
Learn how risk management and compliance differ, and how to integrate them for stronger governance.
Guide
POPIA Compliance Checklist: A Practical Guide
A step-by-step POPIA compliance checklist to help South African organisations meet their obligations under the Protection of Personal Information Act.
Guide
Risk Appetite vs Risk Tolerance: Understanding the Difference
Risk appetite and risk tolerance sound similar but serve very different purposes. This guide explains both concepts and helps you avoid common mistakes.
Guide
What Is a Risk Heat Map and How Do You Build One?
A practical guide to risk heat maps — what they are, how to create one, and how to communicate risk clearly.
Best Practices
How AI Is Transforming GRC in South Africa
Explore how AI is changing governance, risk, and compliance for South African organisations.
Guide
FICA Compliance in South Africa 2026: A Complete Guide
Everything South African accountable institutions need to know about FICA compliance in 2026 — CDD, RMCP, PEP screening, and technology.
Guide
Building an ERM Framework in Africa: A Practical Guide
How to build an enterprise risk management framework for South African and African organisations — COSO ERM, ISO 31000, King IV, and 6-step implementation.
Frameworks
King V and Board Risk Oversight in 2026
What South African board directors must know about King IV/V risk governance in 2026 — board obligations, risk committee best practice, and combined assurance.
Frameworks
NIST AI Risk Management Framework: A Guide for South African Organisations
How South African organisations can apply the NIST AI RMF to govern AI systems — alongside POPIA, King IV, and sector regulations.
Guide
Data Governance Framework for South African Organisations
How to build a POPIA-aligned data governance framework — roles, policies, data inventory, data quality, and breach response.
Guide
Internal Audit Software for South African Organisations
How to choose internal audit software in South Africa — IIA standards alignment, must-have features, King IV combined assurance, and evaluation criteria.
Guide
GRC Certifications in South Africa 2026: Which Should You Pursue?
A practical comparison of CIA, CRISC, CISA, CGAP, and GRCP certifications for South African GRC professionals — with guidance on choosing based on your career goals.
Guide
Third-Party Risk Management in South Africa
Practical framework for managing vendor and supplier risk in South Africa — POPIA operator agreements, TPRM lifecycle, vendor risk assessment, and technology.
Guide
B-BBEE Compliance Automation in South Africa
How automation transforms B-BBEE compliance management — scorecard tracking, supplier certificate management, verification preparation, and GRC integration.
Frameworks
COSO ERM Framework Explained
Learn how COSO ERM integrates risk management with strategy, governance, and performance.
Frameworks
King IV Risk Management Explained
Understand South Africa's governance code and its risk management requirements for organisations.
Tutorial
How to Score Risk Likelihood and Impact
Create consistent scoring criteria that produce meaningful, comparable risk assessments.
Tutorial
How to Track Compliance Obligations Without Duplication
Map regulatory requirements to controls and eliminate duplicate work across frameworks.