Risk Taxonomy

From Open Risk Manual


A Risk Taxonomy is the hierarchical categorization of risk types into a tree structure, whereby risks higher in the hierarchy are decomposed into more specific (granular) manifestations.

List of Risk Taxonomies for the Financial Sector

There is no over-arching risk taxonomy that applies consistently to the entire financial sector, let alone more general business / organizational models. There are a number of separate taxonomies implicit or explicit in the extant regulatory frameworks for financial institutions:

The Open Risk Taxonomy

The Open Risk Taxonomy is an 'open source risk classification framework developed by Open Risk and used also within the Open Risk Manual. The primary objectives of this taxonomy are:

  • to support the development of a comprehensive and consistent set of Open Source Risk Management Software.
  • to provide means to organize the material incorporated in the Open Risk Manual

Taxonomy Tree

See Also

  • An interactive exploration of the taxonomy is also available here.
  • The conceptual approach to the taxonomy is document in the following White Paper.


  1. BCBS, Principles for the Sound Management of Operational Risk
  2. EBA, Final Guidelines on ICT Risk Assessment under SREP

Contributors to this article

» Wiki admin