ENTERPRISE RISK MANAGEMENT (3 DAYS)
This three-day course focuses on the COSO Enterprise Risk Management – Integrated Framework in the context of corporate governance and managing strategic and operational risks to achieve greater value for investors.
• Enterprise Risk Management in context
How developments in corporate governance led to worldwide adoption of risk management processes in all sectors and all industries
How Enterprise Risk Management became more than risk management and a characteristic of more capable and more profitable organizations
COSO’s Enterprise Risk Management – Integrated Framework: background and overview
Risk management maturity – how to recognize those who can and those who can’t manage risk effectively
• COSO ERM in depth
The key elements of the COSO approach
Case studies of organizations and their real-world risks
Step by step through the eight elements of ERM
Aligning strategic, compliance and reporting objectives
• The Challenges to Implementation
Internal environment factors
A closer look at philosophy and culture
What is risk appetite and how do we define and quantify it?
First time ERM versus continuing ERM
Remedial ERM (where previous implementation has failed)
The roles of the Risk Manager and the Allied Risk Management Professionals
Readiness check for your organization
Case studies: ERM tools and examples
• Risk Identification, Analysis and Assessment
Events, Risks and Opportunities
Describing risks intelligently to aid better management and assurance: causes, consequences, impacts and likelihood
Inherent, residual and acceptable exposure levels
Analyzing risks: themes, functions, processes
Risk interdependence and correlation
Methodologies and techniques: COSO, case studies, workshops for risk and control self-assessment
• Responses to Risk
The Four T’s
Risk management strategies
Control frameworks and control activities
Risk Appetite, Control Appetite and Assurance Appetite
Project Management: applying ERM to projects
• Monitoring Risks, Controls and Action – the path to Assurance
Management’s responsibilities for risk management, monitoring and reporting
Internal reporting processes: triggers, incidents and near-misses
Internal reporting processes: signing off and following up
The role of independence assurance – internal and external
Cultural barriers to effective risk management
External risk reporting – requirements, pros and cons