One of the key proposed change under the UK Corporate Governance Code would require Boards to conclude on the effectiveness and material weaknesses regarding their risk management and internal controls relating to operations, reporting and compliance. Nisha Sanghani, summarising discussions at a recent Risk Coalition Risk Committee Chairs Forum, explains that the main aspect of the discussion focused on whether organisations have the right risk management framework in place to be able to confidently meet the requirements of the proposed Code revisions.  The view generally, however, was there is much work to be done by organisations to be able to do this.  However, if done properly, she says that UK companies can avoid firefighting when caught out by risk, and perhaps can even start to think about making commercial risk-based decisions.