Course Description:

A number of different approaches to risk management and assessment have been developed, yet companies face challenges in deciding which approach to take: a method that brings benefits to one may not be good enough for another. This seminar provides companies ways to assess and manage risk, compliance and auditing that can be easily adapted to any kind of business across the globe. Attendees will learn practical approaches and proven tools to implement robust risk management systems within their organizations.

This highly interactive 2 day in-person seminar will explain how to use any type of process to enhance risk and control identification and contribute important information to the overall risk management plan. Attendees will gain the skills for understanding risk management, how to do effective risk assessments, and how to include business process mapping into any enterprise risk management program, risk assessments and audit processes. The seminar will explain how any work function really operates, to identify risks and opportunities for improvement, and to implement changes or new processes that will have an immediate impact on both the participant’s own, and the organization’s, objectives.

Learning Objective:

Seminar attendees will learn:

Seminar instructor Joan Pastor has:

  • Worked as the head facilitator for the National Security Agency.
  • Facilitated off-sites with all the intelligence agencies of the Dept. of Defense as well as representatives from the White House under the Clinton Administration.
  • Trained FBI professionals and police departments on white collar criminal and fraud interviewing skills.
  • Facilitated many off-sites with executive teams from a number of private and public companies in numerous countries.
  • Enterprise Risk Management (ERM) vs. Risk Assessments vs. Risk Self-Assessments:  How they all work together for the most efficient and comprehensive coverage.
  • To use ERM to proactively address opportunities, increase customer and stakeholder value and determine risk threshold.
  • To use the copyrighted © JPA Top Down Risk Analysis Mapping Process to get to the real processes, procedures, risks and controls.
  • Specific applications to regulatory standards, global and compliance standards, ISO, clinical trials and more.
  • To take business process mapping and documentation and risk assessments to the highest level of real proactive organizational change.
  • How to identify significant risks related to any business function through your clients' eyes and assess the existence and strength of controls against the risk exposure.
  • The power of risk and fraud self-assessments (RSA), and a highly effective process for facilitating them.
  • Secrets for turning around resistant noncompliant functions who fight your involvement.
  • To use “natural systems selection” tools from organizational psychology to differentiate real risk from trivial risks, and immediately increase client buy-in.

Who will Benefit:

This course is designed in such a way so as to provide comprehensive learning for both risk/audit professionals and personnel in non-audit functions (including IT and executive teams) across industries. The following personnel will benefit from attending the course:

  • Internal and external auditors
  • Regulatory & compliance personnel
  • Fraud & risk managers
  • Company executives

Course Outline:

Day One (8:30 AM – 5:00 PM) Day Two (8:30 AM – 5:00 PM)

Registration Process: 8:30 AM – 9:00 AM

Session Start Time: 9:00 AM

  1. What is Risk?
    • Why is this so important? What does it mean to manager, employee and auditor?
    • Traditional approaches to define risk
    • Why traditional approaches are not enough
    • Assessing risk at an organization-wide level vs. a business unit level
    • What about areas that already have compliance controls in place (i.e.; environmental, safety, legal regulations)
  2. Enterprise Risk Management vs. Risk Assessment vs. Self-Assessment
    • What exactly are each of these, how they work, and why all are of critical importance in risk assessment processes and risk management
    • How to integrate all three arenas above so that they work together and complement each other
  3. Two Fundamental Approaches: the typical ones and the one that works
    • The strength and weaknesses of the traditional approach that is usually taught
    • A step by step process for implementing an approach that can be customized to your organization’s particular needs, and to the needs and goals of specific business functions
    • Two examples: Harley-Davidson and the Los Angeles Employee Retirement Association (LACERA) (a private and public organization)
      • Who are Harley Davidson and LACERA?
      • The step-by-step process for each organization that we developed and how we got there
      • The struggles and challenges we went through
      • Changes we made along the way
      • Simple risk universe maps from other companies (i.e.; Caterpillar)
    • Reviewing ERM and/or RA approaches in small groups and class discussion
    • The role of organizational culture, vision and resources in determining the best approach and our approach
      • What to do if you have a supportive management and culture
      • Suggestions if you do not have a supportive management and culture
    • All about Questionnaires
      • What types of questionnaires are there and what works best in companies and different organizational cultures
      • Pros and cons to using questionnaires in risk assessments
      • Different types of questionnaires: self-assessment, 360, and abilities-based, and the strengths and limitations of each
      • How to put together a proper questionnaire that will gather the best information: what the experts say
      • How to determine where to do business process mapping to verify risk and control information given in the questionnaire.
      • Why questionnaires are not enough
      • Asking follow-up questions after reviewing the questionnaires
    • Reviewing ERM and/or RA approaches and questionnaires from the class, ranking and weighting risks without business process mapping first:
      • Small groups and facilitated discussions
  4. Gaining People's Buy-In to ERM and/or doing Risk Assessments
    • Step-by-step strategies of gaining "buy-in" from the necessary people at all levels of your agency
      • How to address and handle people’s fear of change
      • What to do and say when any level of management says things are fine as they are
    • Critical Communication Skills: Tying your function’s activities, goals and objectives to those you are trying to create collaboration with
    • Explaining how risk management, risk assessment, the Audit Plan and the organization’s goals and their strategies for achieving them all work together.
    • Using Business Process Mapping and specific self-assessment techniques (to be taught on second day) to help people see how risk assessments add value.
      • How Business Process Mapping (BPM) ties in and fills the gap between the desire to achieve goals and the actual ability to achieve goals.
      • How integrating (BPM) appropriate risk management actually helps all organizational functions achieve their goals, and stay in alignment with the larger vision of the organization.
    • Building a partnership both “horizontally and vertically” through risk assessments
    • Making sure Audit Committees or equivalent also understand your objectives, how all parts of the process (i.e., from ERM to RA to Audit Plan) all fit together and are committed.
  5. Action Plan Part One
    • What can you take from all this so far?
      • Developing a preliminary plan, prioritizing areas to cover, determining how detailed to get
      • Questions and concerns
      • Sharing Your preliminary plan in groups

  1. Introduction to Business Process Mapping (BPM) and Root Analysis Tools
    • What is business process mapping, and what are the tools used in process mapping (overview)
    • Determining which business processes in your organization, or an organizational function, should be monitored
    • How to construct process flow charts that are efficient and effective
      • The psychology behind business processes: how processes and procedures get messed up in the same way in all organizations around the world
      • The objectives of process flow charting
      • The extremely limited place for narratives and flowcharting software in BPM
    • How to start aligning the process flow charts with BOTH risks and controls in mind
    • The unique and only efficient way to do BPM:
      • What specific process mappings to use: a step-by-step process
      • What each process mapping tool is, what it is designed to do, and when to use each
    • Determining value-added vs. non-value added activities
    • Root Cause tools: the companion tool to this method of process mapping
  2. Doing Risk Assessments and Analyses off of Business Process Maps
    • Step by step instruction and practice in doing risk assessments off of process maps
    • Determining “Root Cause”: what it is and why it is critical to successful audits and risk assessments
      • Learn the best tool for getting to root cause
    • How root cause work impacts overall risk assessment, audit planning and the audits themselves
    • Using BPM as a baseline for measuring performance, and performance improvement
    • Analyzing controls off business process and/or root cause maps
    • Action plans: keeping them simple while integrating them into BPM
  3. Introduction to Facilitation Skills for BPM and Group Self-Assessments
    • Why are facilitation skills a core competency in all types of audit, risk, IT, compliance and related professions?
    • The 5 competencies required for excellent facilitation of groups
    • Using facilitation skills to gain buy-in to making changes in processes and procedures
      • Managing their resistance to change and to listening to you
      • Your role as an effective change agent that also gains every client’s respect
    • Quick decision-making tools when consensus is not forthcoming
  4. The Process for Leading a Business Process Mapping Workshop
    • Prework:
      • Planning the meeting from beginning to end to ensure success
      • Meeting with the function’s management before the BPM meeting: what to say and do
      • How to address sensitive issues (i.e.; politics, resistance, conflicts) and set clear expectations before and during the meeting
    • The actual workshop: How to start the workshop: agenda, ground rules, etc.
    • How to turn any goal into a process, procedure or system to be mapped (and how to turn any process back into a goal!)
    • Does benchmarking or further research need to be done before finishing?
      • Creating action plans for gathering necessary research before meeting again.
    • Determining and ranking risks while encouraging creativity and innovation
      • Determining the criteria for ranking risks and controls
      • Bringing the type of risk into the picture- inherent risk, present risk, and residual risk
      • Making sure the criteria for ranking and BPM improvements are customer focused, consider the vendor, and enhance quality, strategic goals and stated business objectives.
    • Assessing controls from the map or from deeper root analysis tools
      • Turning controls into action plans
      • Ending the workshop, follow-up decisions and monitoring improvements
      • Bringing the results back to the higher levels of larger risk assessments and to your risk universe or ERM program
  5. Practice, Practice, Practice
    • Practice on facilitation skills and the tools for doing BPM, Root Cause Analysis, assessing and ranking risks and controls
    • Going through a live simulation of a BPM workshop
    • Debrief and experience how it all fits together as one whole system
    • Discuss applications ongoing to your own unique organization and situation
  6. Close: Action Plans: Part Two
    • Updating your action plan(s) to take back to work and start using immediately

Meet Your Instructor

Joan Pastor, Ph.D.
President, JPA International, Inc.

Joan Pastor, Ph.D., president of JPA International, Inc. is a licensed organizational and clinical psychologist who provides keynote, training and consultation services to numerous national and international organizations and associations. Ms. Pastor is a certified speaking professional (CSP), a certified mediator, and has an extensive coaching practice. She is well-known for her keynotes and work in assisting organizations in developing their vision, plus the strategy and processes to achieve it.

She has been working with finance, risk, security (including intelligence) & audit professionals since 1986 and has made pioneering contributions to these professions in risk assessments; all areas related to the “People or Soft Skills”; integrating finance, incorporating risk and fraud into corporate objectives and strategy; business process documentation; and in working with executive management , boards, and audit committees.

She has uncovered numerous embezzlement and other fraudulent schemes over the years in her own work and with audit, risk and finance colleagues. She has been named Outstanding Young Woman of the Year, awarded the U.S. Army Customer Service Award, and was awarded the National Leadership Award from the U.S. Business Advisory Council in both 2003 and 2006.

Seminar Instructor Joan Pastor has:

  • Worked as the head facilitator for the National Security Agency.
  • Facilitated off-sites with all the intelligence agencies of the Dept. of Defense as well as representatives from the White House under the Clinton Administration.
  • Trained FBI professionals and police departments on white collar criminal and fraud interviewing skills.
  • Facilitated many off-sites with executive teams from a number of private and public companies in numerous countries.

Register Now

Online using Credit card

Get the Invitation
Pre-Register yourself and get the official Invite when venue and dates are announced for this seminar.
Call here to register +1-888-717-2436 or email at

Other Registration Option

By order form / PO#

Payment Mode

By Check -
Pay your check to (payee name) “MetricStream Inc” our parent company and Mail the check to:

ComplianceOnline (MetricStream, Inc),
6201 America Center Drive Suite 240
San Jose, CA 95002

By Wire -

Register / Pay by Wire Transfer

Please contact us at +1-888-717-2436 to get details of wire transfer option.

Terms & Conditions to register for the Seminar/Conference/Event

Your Registration for the seminar is subject to following terms and conditions. If you need any clarification before registering for this seminar please call us @ +1-888-717-2436 or email us @

Payment is required before 2 days of the date of the conference. We accept American Express, Visa and MasterCard. Make checks payable to MetricStream Inc. ( our parent company)

Cancellations and Substitutions:
Written cancellations through fax or email (from the person who has registered for this conference) received at least 10 calendar days prior to the start date of the event will receive a refund — less a $200 administration fee. No cancellations will be accepted — nor refunds issued — within 10 calendar days from the start date of the event.

On request by email or fax (before the seminar) a credit for the amount paid minus administration fees ($200) will be transferred to any future ComplianceOnline event and a credit note will be issued.

Substitutions may be made at any time. No-shows will be charged the full amount.

We discourage onsite registrations, however if you wish to register onsite payment to happen through credit card immediately or check to be submitted onsite. Conference material will be given on the spot if it is available after distributing to other attendees. In case it is not available we will send the material after the conference is over.

In the event ComplianceOnline cancels the seminar, ComplianceOnline is not responsible for any airfare, hotel, other costs or losses incurred by registrants. Some topics and speakers may be subject to change without notice.

Attendance confirmation and Documents to carry to the seminar venue:
After we receive the payment from the registered attendee an electronic event pass will be sent to the email address associated with the registrant before 5 working days from the seminar date. Please bring the pass to the venue of the event.

Conference photograph / video:
By registering and attending ComplianceOnline conference you agree to have your photographs or videos taken at the conference venue and you do not have any objections to use these photos and videos by ComplianceOnline for marketing, archiving or any other conference related activities. You agree to release ComplianceOnline for any kind of claims arising out of copyright or privacy violations.


The speaker was very knowledgeable and the support material provided was very useful. I would strongly recommend this conference to others.
- Finance Manager, Omani National Livestock Development Co SAOC

It was my first experience with the ComplianceOnline and its good ComplianceOnline took initiative to interact with attendees to draw feedback for improvement. Speaker has got very good communication skills.
- Internal Auditor, Al Ahli Bank of Kuwait

Overall it was good seminar. People from ComplianceOnline were available all the time.
- Accounting Manager - Financial Controller, Aramex International

The program was well organized and coordinated by ComplianceOnline
- Corporate Finance Manager, Aramex International

Presenter was very well experienced in her field. Material was good for compliance/ audit field professionals.
- Finance Manager, Weir Solutions FZE

The seminar was well planned and interactive. Informal conversations with other attendees were very useful.
- Business Analyst, Weir Solutions FZE

The seminar was very interactive and the presenter was very knowledgeable
- Deputy CEO, AllianzTiriac Pensions CO

Communication skills of the trainer were very good.
- Senior Internal Auditor, Coca Cola Icecek

It was very interactive seminar.
- Internal Auditor, Coca Cola Icecek

Joan is a good speaker and was very knowledgeable.
- EHS & WCP Manager, CROWN Emirates Co. Ltd.

Media Partners



Zener IT Solutions

Media Partner Benefits
  • Logo and company data on the event website.
  • Logo on the conference material distributed during the conference.
  • Media Partner’s brochure distributed along with conference material.
  • Logo on all the mailings before and after the event.
  • 10% discount to media partner's subscribers.

Media Partner to do
  • Banner (min 728x90 or 468x60) on the Media Partner website.
  • Insertion of the event in the event calendar, both printed and/or online.
  • Announcement article of the conference on the Magazine and/or Website.
  • Dedicated email blast to all subscribers of Media Partner.
  • Article on the Magazine and/or Website after the conference.


Local Attractions

Standing at over 828 meters high, the Burj Khalifa is recognized as the tallest building in the world. This famous structure houses residential housing, office suites, as well as the new Armani Hotel. Guests can take in the fantastic views of the Dubai skyline from its Observatory Deck located on the 124th floor.

This amazing man-made island in the shape of a palm tree is considered the “8th Wonder of the World”.  It houses a number of commercial properties and exclusive residential homes with their own private beaches.

The Dubai Mall is the world's largest shopping mall based on total area and sixth largest by gross leasable area. It offers a vast selection of shops with the latest in fashion, and an array of family activities. The Mall's Aquarium and Discovery Centre, officially earned the Guinness World Record for the world's "Largest Acrylic Panel".

The Dubai Fountain is a record-setting choreographed fountain system set on the 30-acre manmade Burj Khalifa Lake, at the center of the Downtown Dubai development in Dubai. Illuminated by 6,600 lights and 25 colored projectors, it is 275 m (902 ft) long and shoots water up to 500 feet into the air accompanied by a range of classical to contemporary Arabic and world music.

Visit the Dubai Museum to learn about the Dubai of yesteryear.  Located in the Al Fahidi Fort in Bur Dubai, it is the oldest building in the city.  The museum provides guests.

Dubai desert safari is a total entertainment package with adventure and fun elements that one should not be missed out at any cost. You can admire the scenic beauty of the golden sand dunes at the same time can have a slice of excitement as well.

These traditional Arabic-style souks offer a unique shopping experience in one of the oldest trading areas of the city.  Located off the shores of the Dubai Creek in Deira, guests can take in the delightful sights and smells of these famous souks.

This creek has served as the life's blood of Dubai throughout its history, and as such offers much in the way of history and culture.  In the evening guests can enjoy a delightful “Dhow” dinner cruise.

We need below information to serve you better

Best Sellers
You Recently Viewed