For some while there has been a growing awareness from both internal and external stakeholders that the governance and risk management in United Kingdom (U.K.) insurance companies needed to be enhanced. The proposed European Union Solvency II Directive makes this very explicit and the current economic turmoil has put a much stronger emphasis on the whole process: it is being seen as the right thing to do, rather than simply a regulatory requirement. In this paper, we set out the background to and recent history of governance for U.K. insurance companies, and consider how enterprise risk management can bring together the various control frameworks needed to support that governance. Whilst no two companies are the same, and hence the solutions to these issues will vary, there are several common themes linked to successful implementation. Similarly, various barriers to success are identified, together with solutions to resolve them.