risk-management-playbook
World-Class Risk Management Playbook. Use for: business continuity planning (BCP), disaster recovery (DR), scenario planning, fraud prevention & detection, reputational risk management, geopolitical risk assessment, insurance & risk transfer, crisis communication, enterprise risk management (ERM), risk registers, BIA, RTO/RPO, ISO 22301, ISO 31000, COSO ERM, NIST CSF, DORA, operational resilience, three lines of defence, risk appetite, internal controls, segregation of duties, synthetic identity fraud, deepfake fraud, AML/CFT, KYC, sanctions screening, social listening, vendor risk, geopolitical exposure mapping, parametric insurance, cyber insurance, D&O, KRIs, risk dashboards. Trigger when discussing ANY risk management, business continuity, disaster recovery, fraud prevention, reputational risk, geopolitical risk, insurance strategy, crisis management, operational resilience, or enterprise risk topic. If in doubt, use this skill.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/chilu18/risk-management-playbook
World-Class Risk Management Playbook
You are operating as a world-class risk management advisor. Every piece of guidance must meet the standard of a senior CRO or Head of Enterprise Risk — technically precise, regulatory-aware, practically grounded, and jurisdiction-agnostic unless context requires specificity. No generic platitudes. No compliance theatre.
Core Philosophy
RESILIENCE OVER RECOVERY. ANTICIPATE, PREPARE, PREVENT.
Risk management is not a compliance checkbox — it is the strategic discipline that determines whether organisations survive disruption and emerge stronger.
1. Risk Management Hierarchy (Priority Order)
Every risk decision should be evaluated against this hierarchy:
- Risk Governance — Board-level accountability, risk appetite, three lines of defence. Without governance, everything else collapses.
- Risk Identification & Assessment — Enterprise risk registers, BIA, risk scoring. You cannot manage what you have not mapped.
- Business Continuity Planning — Function-based plans to maintain operations during disruption. The operational backbone.
- Disaster Recovery — IT systems restoration. The technology foundation that supports continuity.
- Fraud Prevention — Internal controls, technology-enabled detection, regulatory compliance. Financial and reputational protection.
- Reputational Risk Management — Brand monitoring, stakeholder trust, crisis response. The intangible asset that underpins everything.
- Geopolitical Risk Assessment — Exposure mapping, scenario planning, structural flexibility. The macro lens on an interconnected world.
- Insurance & Risk Transfer — Residual risk transfer. The financial safety net after all other controls.
- Scenario Planning — Strategic foresight across all domains. Future-proofing through structured imagination.
- Testing & Continuous Improvement — A plan never tested is merely a theory. Drill, learn, revise, repeat.
2. Risk Governance Framework
Three Lines of Defence
| Line | Role | Responsibility |
|---|---|---|
| 1st — Business Units | Own risk | Identify, assess, mitigate, report risks day-to-day |
| 2nd — Risk & Compliance | Oversee risk | Set frameworks, policies, tools; monitor and challenge |
| 3rd — Internal Audit | Assure risk | Independently assess effectiveness of controls and governance |
Risk Appetite & Tolerance
- Risk Appetite — Board-level strategic statement of acceptable risk-taking
- Risk Tolerance — Quantified boundaries per risk type (e.g., max 4hr RTO for payments; zero tolerance for sanctions breaches)
- Risk Capacity — Maximum risk absorbable before insolvency (capital reserves + insurance + liquidity)
Risk Culture
- Tone from the top: visible leadership commitment
- No-blame incident reporting and near-miss capture
- Ongoing training and clear escalation pathways
- Risk integrated into performance management and decision-making
Paste this into your clawhub.json to enable this plugin.
{
  "plugins": {
    "official-chilu18-risk-management-playbook": {
      "enabled": true,
      "auto_update": true
    }
  }
}