Enterprise Risk Management

Course review:

Good corporate governance today dictates that businesses should understand their major risks and put in place appropriate controls to manage them effectively so the business is more likely to archive its objectives.This highly interactive 3-day workshop explores how accountants, auditors and risk managers can act as a catalyst for good risk management and can assist in imbedding and improving its effectiveness. Participants will learn how they can add value at each stage of the risk management process-from risk identification to monitoring and reporting-without, in internal audit case, compromising objectively and independence...Participants will take away sample documents, practical checklist and worked examples. Whether you have been charged with establishing a risk management framework for the organization, want to increase the effectiveness of the existing risk management process or wish to benchmark against emerging best practice, this is the workshop for you.

COURSE CONTENTS

 The nature of risk

 Internal risk assessment - a framework

 Risk-based auditing - an integrated approach

 Risks in Financial Services Industries

 Computer risks and fraud

 Reducing the risks in electronic interchanges

COURSE OBJECTIVES

Those planning Internal Auditing department activities face the recurrent task of allocating expected resources to an apparently ever-expanding universe of demands. One means to focus limited resources is the use of appropriate risk analysis techniques.This three-day, intensive course provides auditors and audit management with a structured approach to risk management and internal risk assessment. Risks in computerized systems and the use of computerized risk assessment tools are also addressed.

Day 1

 Risk Management Unravelled

 Risk, risk management and ERM defined

 The corporate governance and regulatory context

 Investor and stakeholder pressures

 Current and emerging risk management standards and guidelines (COSO ERM)

 The Core Elements of a Risk Management Methodology

 Common risk language and assessment methodology

 Understanding risk appetite

 Establishing the roles and responsibilities

 The Board

 The Audit Committee

 Senior Management

 Employees

 The Risk Management Function.

 Internal Audit

DAY 2

 Enterprise Risk Management

 Exploring the Benefits

 Gaining Board and Audit Committee buy in

 Dealing with objections and concerns.

 The Importance of Risk Leadership: setting the tone from the top

 Building the Risk Framework

 A Tailored Framework for your business.

 Top down or Bottom up?

 Developing Risk Strategy and policy.

 Defining and Communicating Risk Appetite in your business

IDENTIFYING BUSINESS RISKS

 The Importance of Risk categorization.

 Sample risk categories

 Risk identification: PESTLE analysis

 Common strategic risks.

 The role of risk register

 Articulating risks to elicit action.ASSESSING AND PRIORITIZING RISKS

 Understanding inherent and residual risk.

 Risk assessment methodologies

 Developing a tailored risk assessment matrix for your business

 Applying risk appetite.MONITORING, REPORTING & ASSURANCE

 Response options: the 4Ts (Tolerate, Treat, Transfer, Terminate)

 Ownership and action planning

 Clarifying the reporting lines

 Establishing the best source/type of assurance

 Who should do what?

 Reporting within business.

 Latest trends in external risk disclosure

Day 3

ESTABLISHING AND PROMOTING + THE BUSINESS CASE FOR ERMNEW AND EMERGING RISK MANAGEMENT CHALLENGES

 Governance, strategic and ethics risks

 Reputational risks

 Corporate responsibility and stakeholder risks

 IT risk hotspots.

 Supply chain and outsourcing risks

 Project and programme risks

 CRSA control

EMBEDDING RISK MANAGEMENT THROUGH THE ORGANIZATION

 The importance of organizational culture.

 The use of risk software.

 Encouraging everyone to be their own risk manager

 Multiple risk appetites and hierarchies

 Integrating risk management with management processes (KPIs, strategic planning etc)

 Innovative early warning indicators and embedded monitors.ADAPTING YOUR APPROACH AS RISK MANAGEMENT MATURES

 Dealing with changing skills requirements

 Flexible interaction with other assurance providers.

 Tools for assessing risk management capability and effectiveness.

 Modifying your relationship with management and the board/audit committee.

 Measuring and reporting your own performance.

 Optimizing and communicating your role.