chapter is organized along five themes: 1.    We emphasize that risk monitoring is a fundamental part of the internal control environment. It helps ensure that the organization is entering into transactions that are authorized and properly scaled; it helps distinguish between events that are unusual and those that should have been anticipated. 2.    We show that there are three fundamental dimensions behind risk management-planning, budgeting, and monitoring. We observe that these three dimensions are intimately related and that they can be more completely understood by looking at their commonly used counterparts in the world of financial accounting controls. We posit that there is a direct correspondence between financial planning, financial budgeting, and financial variance monitoring and their risk management counterparts-namely, risk planning, risk budgeting, and risk monitoring. 3.    We introduce the concept of a risk management unit (RMU) and describe its role and placement within the organization. We discuss its objectives as well as the need for it to remain independent of portfolio management activities. As we will see, the existence of an independent RMU is a "best practice" for all types of investors, including asset managers, pension funds, and corporations. 4.    We describe techniques the RMU uses to monitor exposures in portfolios and provide samples of reports that might be used to deliver such information. 5.    Last, we introduce tools that are commonly used in the world of performance measurement. We observe that there is a duality between risk monitoring and performance measurement. Risk monitoring reports on risk that is possible, whereas performance measurement reports on performance (and so risk) that has materialized. We posit that performance measurement is a form of model validation. We would be remiss if we did not briefly observe that because the sources of risk are many, the modern organization must have a multidisciplinary approach to risk management. In their book, The Practice of Risk Management, Robert Litterman and Robert Gumerlock identify at least six distinct sources of risk.2 These include market, credit, liquidity, settlement, operational, and legal risk. Professional standards, quantitative tools, preemptive actions, internal control systems, and dedicated management teams exist in the modern organization to address each of these. Frequently, these risks overlap and various professional disciplines are required to work together to creatively craft solutions. While in this paper, our primary focus will be management and measurement of market risk and performance, these other risks are ever present and material. Often, stresses in market factors make these other risks more apparent and costly. AThe Practice of Risk Management, by Robert Litterman and Robert Gumerlock, Eu-romoney Publications PLC, 1998, page 32.