**5. The structure of integrated risk management**

Achievement of the objectives of integrated risk management within an organization presupposes the meeting, in a logical sequence, of specific and required activities, as follows: setting the context, setting the objectives, risk identification, risk assessment, setting a risk response, implementation of control measures, information and communication and monitoring.

#### **5.1. Integrated risk management process**

Integrated risk management is structured on component elements of the COSO model, indicating that the control environment is defined by the internal environment and risk assessment consists of setting goals, identifying events, risk assessment and risk response.

### *5.1.1. The internal environment*

It represents the theoretical and conceptual stage of risk management process, which presupposes an organizational culture on risks and knowledge of risk management operating concepts, and whether they are implemented and known at all levels within the organization.

This stage involves carrying out specific activities to implement risk management within the organization, as follows:


In relation to the means of establishing the context of implementation of risk management it is established and designed risk management policy, objectives and tasks of the implementation of risk management methods and methodologies for the identification, evaluation, treatment and control risk. At the same time, it is determined the structure responsible for risk management, the powers and responsibilities of it, taking into account the fact that *"management activity it means to commonly achieve the necessary objectives for the final of the organization*11*"*.

The characteristic of this work is the tone given by the organization on risk management and methodology they use in risk management and how are communicated the concepts of risk and the response of staff on risk management philosophy.
