Risk management in microfinance is complex because of the absence or near absence of traditional risk mitigation mechanisms like collateral and guarantees, as well as the high volumes of cash transactions conducted in remote locations. Moreover, many MFIs are mission-driven organisations, and therefore prone to strategic and political risks that are unique to them and the clients they serve. As MFIs continue to grow and expand, serving more customers and attracting more mainstream investment capital and funds, they need to strengthen their internal capacities to identify and anticipate potential risks, and thus to avoid unexpected losses and surprises. This note focuses on understanding the risk function and its difference from internal audit. It also looks at different types of risks, as well as understanding some basic risk terms, risk identification and risk prioritisation.