Steps in Legal Risk Management

Step 1

Determine the legal scope: which legislation is relevant, which are coming up, what type of controls.

Step 2

Risk analysis: identify the most important legal risks and estimate the probability and impact.

Step 3

Determine risk appetite to determine which risks are acceptable and which are not.

Step 54

Control: take additional control measures where necessary.

Step 5

Monitor existing and new control measures.

A new Culture Around Risk & Compliance

Corporate lawyers are increasingly important in guarding the organization’s license to operate. The problem here is that more and more regulators want to see evidence that regulations are being complied with. Managing all this compliance takes a lot of time, so that soon there is not enough capacity available to be 100% compliant. A risk-driven approach (as described in ISO 19600) keeps things manageable by focusing on the key risks and controls. This is the basis for awareness and a new culture around risk & compliance.

Three Lines Model


Try it yourself for 30 days free of charge, no strings attached

Create or Import a Compliance Framework

Comply or explain. This means, you must be able to demonstrate compliance with legislation such as the AVG, Wwft, ISO-27001, ISO27002, BIO, Norea, ISMS, ISAE 3402, SIRA. A lot of legislation can be translated into processes, risks and related controls. With NARIS Next, you can build or import risk & control frameworks that are easily available for various organizational units.

Build a Legal Risk Inventory

A claim, a fine, an error in a contract. These are all risks which ultimately have legal consequences. With NARIS Next, you can build a legal risk inventory in which you create a file per risk, that enables you to easily find everything. From the inventory you can, for example, load all risks from the AVG into your organization.

Start with a Legal Workflow

Legislation must be implemented within the organization. This applies to research, the design of a risk & compliance framework, but also to the implementation of training and the follow-up of recommendations. NARIS Next helps organizations by collecting business information with which risk analyses and audits can be carried out. This makes monitoring the follow-up easy.


Try it yourself for 30 days free of charge, no strings attached

Inspiration around compliance.

Let's talk

Do you have questions about our solutions for your organization? Please feel free to contact us

Fill out the form or
call Kim:

Kim Vorgers

Contact us without obligation

Would you like to know what we can do for your housing association? Fill in the form below.