Develop and execute an Enterprise Risk Management (ERM) system – 6 part course series
Why Should You Attend:
ERM provides a framework for risk management. By identifying & proactively addressing risks & opportunities, business enterprises protect & create value for their stakeholders & enhance governance. However, on occasion risk management is taken only as a hollow gesture to appease, without real commitment from the board or senior management. The objective of this 6-part series of webinars is to arm internal auditors & risk managers with practical insights that enhance their skills to embed an effective enterprise-wide risk management process. You will tackle the key question of how audit can influence risk strategy to help gain management confidence in the organisation’s ability to manage its risks in a fast-changing environment. How can audit do this while pursuing its strategic & operational goals? Plus:
Areas Covered in the Webinar:
- Integrated risk management & the role of internal audit.
- Thoughts on deepening the ERM process & avoiding over-reliance on ERM.
- Identifying your top audit risks.
- Implementing a risk-based audit approach that balances compliance issues.
- What constitutes “good practice” in the different areas of risk.
- How to build the ERM plan.
- Key considerations in designing & integrating an ERM framework.
- Determining objectives, scope & outcomes of your ERM framework.
- Aligning ERM with your operating environment; one size does not fit all.
- Capabilities & competencies: who should be responsible & accountable.
- Designing & developing the ERM framework; why a pilot is good practice.
- Understand how to assess the Governance, Risk management and Compliance (GRC) capability & maturity of your business. How to implement Enterprise GRC Management.
- Learn how to stimulate improvement at each stage of the Enterprise GRC management process.
- Assess & prioritize GRC to determine the contribution of each segment to the aggregate risk profile.
- Discover how to raise risk awareness & embed Enterprise GRC thinking & practice.
- Understand ‘risk appetite’ & how to communicate it.
- Balance both GRC threats & opportunities to maximise value to the business.
- Apply your ERM Process to GRC: a proactive role for internal audit.
- Understand new & emerging risks – & how you can contribute towards mitigation and management.
- Monitor & review the continual measurement & monitoring of the GRC environment & the performance of the GRC management strategies.
- Gain insights into current best practice in Enterprise GRC Management.
- Treat & exploit GRC including the development of strategies for controlling & exploiting the various risks.
Detailed Agenda for each Session:
Session 1 - The Riskability Process - Introducing Enterprise Risk Management (ERM) (90 Min)
- Concepts behind risk management.
- Taking stock of risk management.
- Assessing the value of ERM.
- What is a sound ERM framework?
- A common language – definitions & terminology.
- Risk governance (structure, policies, supervision).
- Risk culture (philosophy, appetite, limits).
- Risk management process (identification, assessment, monitoring, reporting).
- Introduction to The Riskability Doctrine.
Session 2 - The Riskability Project - Risk Management & Internal Audit - How to track EGRCM Effectiveness (90 Min)
- The key steps of the risk management process.
- Defining risk appetite.
- ERM levels & reporting structures.
- Risk assessment.
- The board & risk leadership through audit & risk committees.
- How do senior management and stakeholders fit in?
- The role of internal audit in ERM.
- Introduction to Bayesian Risk Aggregation.
Session 3 - The Riskability Roadmap - Building the EGRCM Plan & Implementation Challenges (90 Min)
- Risk management benchmarking – a starting point.
- EGRCM design principles (objectives, scope & outcomes, accountability, transparency, approvals, documentation etc).
- Aligning EGRCM to the operating environment. What are the implementation issues and challenges related to awareness, education, capabilities, competencies, design, development, etc.?
- New & emerging risk management challenges.
- Embedding EGRCM throughout the organization & culture.
- Measuring, managing & reporting your own performance.
Session 4 - The Riskability Canon - Applying the EGRC principles to the Riskability doctrine (90 Min)
- What does EGRCM mean and how can it create value or improve results?
- How to determine whether EGRCM initiatives deliver value & optimize performance.
- Alignment of EGRCM processes & activities through a proactive Internal Audit.
- A framework for measuring & evaluating GRC capability.
- How to measure the true value & cost of compliance?
- Regulatory requirements such as Basel II and Solvency II require the organization to be in control.
- The use of IT tools to measure and monitor the key performance metrics.
- Ownership and responsibilities between the board of directors, management, internal audit and key business managers.
Session 5 - The Riskability Exercise – Creating an EGRCM culture and technology deployment (90 Min)
- How to develop an effective EGRCM culture that supports the overall vision, mission and objectives of an organization.
- What are the issues affecting the structure and culture of organizations and enterprises?
- What are the EGRC tolerance themes to secure an effective EGRCM culture?
- A framework for measuring & evaluating GRC capability.
- How to integrate EGRC culture to the Riskability processes and frameworks.
- Let technology paint the new EGRCM road map based on the increasing sophistication (dynamism and complexity) of the modern business environment.
- What is the proper approach to IT EGRCM?
- Understand the role of IT and technology to enable the operation to recognize the importance of EGRCM.
Session 6 - The Riskability Integration – Integrating strategies and HR in EGRCM. Steps to leverage the impact of EGRCM mandates (90 Min)
- The development of Corporate Governance as the first mandate for Risk Management.
- Specific mechanisms by which corporate governance impacts the various types of economic crime affecting business operation, such as accounting fraud, insider trading and self-dealing.
- Detection of crimes like money laundering, bribery, corruption, tax fraud and terrorist financing.
- Corporate culture of ethics and compliance like whistle blowing.
- The functions of EGRCM, internal controls and audit.
- Transparency of information flows to the board and stakeholders.
- A properly functioning audit committee.
Who Will Benefit:
- Governance, Risk, Compliance (GRC) staff
- CFO, Treasurers
- Chief Risk Officers, Chief Legal Counsel, Chief Compliance Officer
- VPs of Risk Management, VP of Finance, Controllers
- Director, Internal audit
- Director, Operational Risk
- Manager, Enterprise Risk Management
- Risk analysts
- IT governance directors/managers
- IT risk directors/managers
- IT compliance directors/managers
- IT Audit directors/managers
- Information security directors/managers
- GRC and IT directors/consultants involved in the following areas: Audit, Compliance, Governance, Risk management, Sarbanes Oxley (SOX), Ethics, Regulatory, Legal, Governmental affairs, IT, Accounting, Finance, Reliability, Quality assurance
Kersi Porbunderwalla, Eminent GRC Strategist and Proprietor of GRC Controllers, Denmark
Kersi F. Porbunderwalla and GRCControllers are recognized as being among the foremost authorities on EU directives within the framework of Governance, Risk, and Compliance (GRC) mandates. Kersi has worked closely with organizations like ExxonMobil, IBM, Shell and Volvo. GRCControllers is often considered to be one of the foremost authorities in extending a broad understanding of the impact of EuroSox® and GRC certification, standards, frameworks, regulations, and legislation.