Code of Ethics

Professional Conduct & Ethical Standards

The Organisation of Certified Risk Managers Limited operates OCRM® as an independent professional body for enterprise risk management, governance and related risk disciplines.

OCRM® requires members and designation holders to uphold standards of professional integrity, competence, confidentiality and responsible governance conduct.

Adherence to this Code of Ethics is a condition of OCRM® membership and designation maintenance.

Interpretation and application of this Code shall be guided by principles of reasonableness, proportionality, available evidence and recognised professional standards in enterprise risk management and governance practice.


1. Integrity

Members shall:

  • Act honestly and transparently in professional activities

  • Avoid misleading representations regarding qualifications, experience, membership grade or designation status

  • Disclose material conflicts of interest where relevant

  • Uphold the reputation of the risk management profession and OCRM®

Members must not:

  • Submit false, misleading or fabricated information in connection with qualification, membership or designation applications

  • Misrepresent professional standing, experience, competence or governance authority

  • Misuse OCRM® membership, qualifications, designations or branding

  • Engage in conduct likely to materially damage the integrity of the OCRM® designation framework


2. Professional Competence

Members shall:

  • Maintain appropriate knowledge and skill in enterprise risk management and governance practice

  • Undertake continuing professional development in accordance with OCRM® CPD requirements

  • Accept professional responsibilities only where competent to perform them, or where appropriate supervision or specialist support is in place

  • Exercise professional judgement responsibly, diligently and with appropriate care

Professional competence obligations apply within the scope of the member’s professional practice, role and responsibilities.


3. Objectivity & Independence

Members shall:

  • Exercise professional judgement free from undue influence

  • Avoid conflicts of interest that compromise objectivity

  • Disclose material interests where appropriate

  • Maintain independence where required by governance, oversight, assurance or advisory responsibilities

Professional opinions, risk assessments and governance recommendations should be grounded in evidence, sound reasoning and appropriate professional judgement.


4. Accountability & Compliance

Members shall:

  • Fulfil professional obligations with due care and diligence

  • Respect applicable laws, regulations, organisational policies and professional requirements relevant to their practice

  • Promote sound risk governance within their organisations or professional context

  • Recognise the broader implications of risk management decisions

  • Escalate material risk or ethical concerns through appropriate organisational, professional or legal channels where required by role, policy or law

This Code applies to professional conduct within the scope of enterprise risk management, governance and related professional responsibilities.


5. Confidentiality

Members shall:

  • Protect confidential information obtained through professional activities

  • Use information only for legitimate professional purposes

  • Avoid improper disclosure unless authorised or legally required

  • Take reasonable care when handling sensitive, personal, commercial or regulated information

Where disclosure is required, members should take reasonable care to follow applicable legal, organisational and professional procedures.

Confidentiality obligations continue beyond termination of membership or designation status.


6. Proper Use of Designation & Representation

Members and designation holders shall:

  • Use OCRM® post-nominal designations only while their designation status is active and where permitted by OCRM® rules

  • Accurately represent qualification achievements, membership grade and professional status

  • Refrain from implying endorsement, accreditation, authority or regulatory status not granted by OCRM®

  • Avoid misuse of OCRM® logos, trademarks, certificates, digital credentials or branding

  • Ensure public profiles, CVs, proposals and professional materials do not misrepresent OCRM® status

OCRM® designations — PCRM, MCRM and FCRM — must not be used in a misleading, deceptive or unauthorised manner.


7. Compliance with the OCRM® Framework

Members agree to:

  • Comply with applicable OCRM® governance policies

  • Maintain annual membership renewal where required

  • Fulfil CPD requirements applicable to their membership grade or designation status

  • Cooperate with review, verification, complaints, appeals or inquiry processes where applicable

  • Provide accurate information to OCRM® when requested for legitimate governance, membership or verification purposes

Failure to maintain renewal, CPD compliance or other applicable requirements may result in a change to membership or designation status, including loss of active status or other registry updates where applicable.


Ethical Review & Enforcement

Alleged breaches of this Code may be reviewed in accordance with OCRM®’s documented governance, complaints, appeals and disciplinary procedures.

Members subject to review will normally be:

  • Notified of the concern

  • Provided with an opportunity to respond

  • Assessed in accordance with documented procedures

  • Informed of the outcome where applicable

Determinations are made based on available evidence, documented review and applicable OCRM® governance requirements.

OCRM® reserves discretion to apply proportionate measures based on severity, context, available evidence, risk to professional standards and the member’s response.

Possible outcomes may include:

  • Advisory guidance

  • Requirement for remedial action

  • Warning or formal notice

  • Temporary suspension of designation status

  • Change to public verification status, where applicable

  • Withdrawal of designation or membership in serious cases

Appeals are reviewed independently from the original determination in accordance with the OCRM® Complaints & Appeals Procedure.

Allegations determined to be frivolous, vexatious, malicious or unsupported by sufficient information may be dismissed or closed without substantive review.

View Complaints & Appeals Procedure


Jurisdiction & Applicability

OCRM® governance procedures apply to membership and designation status regardless of geographic location.

This Code governs professional standing within the OCRM® membership and professional standards framework. It does not replace local legal, regulatory, employment, contractual or professional obligations.

Members remain responsible for understanding and complying with laws, regulations and professional duties applicable to their own jurisdiction, role and sector.


Commitment to Professional Standards

By applying for membership, accepting a designation or maintaining active OCRM® status, individuals affirm their commitment to uphold this Code of Ethics.

Professional standing within OCRM® is contingent upon continued compliance with ethical, CPD, membership and governance requirements.


Effective Date & Review

This Code applies to all active OCRM® members and designation holders from the date of acceptance or publication, as applicable.

The Code is subject to periodic review to ensure continued alignment with evolving professional standards, governance expectations and OCRM® policy requirements.

Updated versions may apply from the stated effective date.

Ethical Principles

The Code of Ethics sets out the principles that underpin professional standing within OCRM. Members are expected to uphold these principles in all professional activities relating to enterprise risk management.
  • Integrity — acting honestly and in accordance with professional obligations.
  • Professional competence — maintaining and developing applied risk capability.
  • Objectivity — exercising independent and impartial professional judgement.
  • Accountability — accepting responsibility for professional decisions and conduct.

Scope of Application

The Code applies to all individuals holding an active OCRM designation or membership, including those engaged in advisory, governance, operational, or leadership roles relating to enterprise risk.
Ethical compliance forms a core component of designation validity and ongoing professional standing.

Conduct Review

Concerns relating to professional conduct are reviewed in accordance with documented OCRM procedures. Where necessary, review may result in conditions, suspension, or revocation of designation in line with published governance standards.