The idiom “cherry on top” is a 20th‑century English expression that grew out of the literal practice of finishing cakes and ice‑cream sundaes with a decorative red cherry, and then shifted metaphorically to mean a small extra that makes something already good even better.[1][2][3]
Literal dessert origin
In confectionery, cooks commonly placed a bright red cherry—often a glacé or maraschino cherry—on the very top of cakes and ice‑cream sundaes as a visual and flavorful finishing touch. This highly visible, non‑essential garnish provided the image that the idiom alludes to: something already complete, made a little more special by a final flourish.[2][3][4]
Shift to figurative meaning
From this culinary practice, “cherry on top” came to describe “an extra benefit or positive detail that makes something even better,” i.e., a pleasant bonus added to an already good situation. Modern dictionaries have it as “a thing that makes something good even better” and place it alongside similar expressions like “icing on the cake.”[3][4][5][6][1]
Before you even think about icing on the cake, it is worth checking your foundation layers (E1s) – especially in your crucial Domains (such as D3).
UNIVERSAL FRAMEWORK – Domain 3. Risk & Resilience
E1 – Exists (Gateway Evidence) uses the metric: % of critical risks with treatments that reduce risk to achieving target. Does a defined organisational process exist for identifying, assessing, and managing risks?
An assessment against this metric would look for clear evidence that there is a defined, repeatable risk management process (E1) – below are examples of the kind of evidence and notes that would typically support that level.
E1 – Exists (Gateway Evidence)
Evidence that a defined organisational process exists for identifying, assessing, and managing risks.
You would expect to see:
- Documented risk management framework and policy approved by the governing body, referencing standards such as ISO 31000 and describing objectives, scope, roles, and responsibilities.
- A documented risk management process (e.g. procedure or toolkit) that clearly sets out steps: establish context, identify risks, analyse/assess, evaluate against criteria, treat, and monitor/review.
- Defined risk categories, rating scales, and risk evaluation criteria (likelihood, consequence, and clear definitions of “critical” risk).
- Evidence that the process is in use: completed enterprise or divisional risk registers showing risks identified, assessed, and evaluated using the standard method.
- Governance artefacts that show the process is embedded: terms of reference for risk committees, role descriptions for risk owners, and scheduled risk review cycles.
- Training or awareness material showing that staff are informed about how to identify and escalate risks (e.g. presentations, intranet guidance, learning modules).
Notes an assessor might make:
- “Risk management framework v2.1 approved by Board in May 2025; process aligned to ISO 31000 and applied across all business units.”
- “Enterprise risk register evidences consistent use of standard likelihood/consequence matrix and risk criteria for all critical risks.”
- “Quarterly risk committee pack includes standing agenda items on risk identification, assessment, and treatment planning.”
Sources
[1] Cherry on top – Idioms Meaning https://www.idiomsmeaning.info/cherry-on-top/
[2] cherry on top – Wiktionary, the free dictionary https://en.wiktionary.org/wiki/cherry_on_top
[3] How To Use “Cherry On Top” In A Sentence: Proper Usage Tips https://thecontentauthority.com/blog/how-to-use-cherry-on-top-in-a-sentence
[4] Cherry on Top – Business English Booster https://businessenglishbooster.com/cherry-on-top/
[5] Cherry on Top https://en.wikipedia.org/wiki/Cherry_on_Top
[6] the cherry on (top of) the cake https://dictionary.cambridge.org/us/dictionary/english/cherry-on-top-of-the-cake
John Salter Consulting Services 