Code Date City Venue Fees
AG008 26 - 30 Aug 2019 Houston - USA TBA $6,950 Register
TBA* = To be Announced   |  All fees are exclusive of VAT
Home » Seminars » Audit, Risk and Governance » Advanced Enterprise Risk Management:

Introduction

The turmoil in the world is continuing – with increasing public unrest   fluctuating oil prices, natural disasters of a scale thought unimaginable, volatile stock markets and world economic uncertainty.

In this time of global uncertainty how do you steer a course through these difficult waters?

Thankfully many organisations have realised that an Enterprise Risk management (ERM) approach was needed. This has ensured that risks that were previously managed in isolation can be aggregated and prioritized across the entire business.

However, stopping here is like driving a plane on a highway – it might go faster than the cars but it hasn't reached its full potential.

Advanced ERM goes one step further. Risks are evaluated based on business materiality. A new understanding of the risks then emerge, and efficient controls can be implemented to tackle what really matters to the business. In short,  the focus becomes strategic value creation instead of risk avoidance.

This GLOMACS training seminar on Advanced Enterprise Risk Management will provide the opportunity to

  • Take Enterprise Risk Management (ERM) to a strategic level
  • Learn lessons from Global risk events
  • Determine a clear risk attitude and appetite process
  • Identify the key emerging risks
  • Link risk clearly wit decision making

Objectives

After completing this GLOMACS training course you will be able to:

  • Implement appropriate and varied techniques for the identification and assessment of risks
  • Generate measurable value by aligning the Enterprise Risk Management (ERM) framework with corporate performance expectations
  • Engage the Board in the analysis of enterprise risk scenarios
  • Foster a culture that reinforces appropriate risk-taking to balance value creation and value protection
  • Clarify Enterprise Risk Management (ERM) accountabilities of all employees from executives to the front line
  • Implement key risk indicators (KRI’s) for each line of business
  • Enhance achievement of corporate objectives by linking performance targets, and risk management actions

Training Methodology

This is an advanced level course and delegates should have previous experience in the risk arena. Delegates should have a good educational standard and/or a professional qualification but no advance preparation is required.

The delivery method will Group-live - with exercises and role-plays to simulate audit scenarios and situations that assurance professionals will encounter. A short examination will be given at the end of the course.

Organisational Impact

This GLOMACS training course will benefit organisations in all business sectors.  It will provide advanced tools and techniques to refocus the risk process  towards business materiality with each risk being evaluated and compared by it’s financial, legal, reputational, and regulatory impact, and classified by the effect they could have on the business.

This GLOMACS training course will enable organizational knowledge to be enhanced in the following areas:

  • The many and varied approaches for risk identification
  • The use of sophisticated techniques such as Delphi, Monte Carlo and Bayesian network analysis
  • Key Risk indicators
  • How to energize your staff to manage risks
  • Enterprise Risk Management (ERM) in projects

Personal Impact

This GLOMACS training course will enable delegates to enhance their personal knowledge in the following disciplines:

  • Risk register effectiveness
  • Driving risk ownership
  • Coordinating the ERM process
  • Challenging risk evaluations
  • Engaging top management in the ERM process

Who Should Attend?

  • Chief Risk Officers
  • Risk managers
  • Managers and Directors responsible for the risk management function or process
  • Heads of Internal Audit
  • Heads of Assurance functions
  • Senior Finance professionals

Seminar Outline

Day 1:

Taking Enterprise Risk Management (ERM) to the next level

Characteristics of an advanced Enterprise Risk Management (ERM) process  

  • Board-level commitment to ERM as a critical decision framework
  • A dedicated risk executive in a senior level position to drive the process
  • An Enterprise Risk Management (ERM) culture that encourages full engagement and accountability at all levels of the organization
  • Engagement of stakeholders in risk management strategy development and policy setting
  • Transparency of risk communication
  • Integration of financial and operational risk information into decision making
  • Use of sophisticated quantification methods to understand risk and demonstrate added value through risk management
  • Identification of new and emerging risks using internal data as well as information from external providers
  • A move from focusing on risk avoidance and mitigation to leveraging risk and risk management options that extract value
  • Enterprise Risk Management (ERM) case studies (banking and FMCG)
  • New paper on Enterprise Risk Management (ERM) and the role of Executive management will be shared

Exercise 1 – The challenges involved

 

Keeping your eye on the big prize

  • Enterprise Risk Management (ERM) spans all lines of business and is governed at the enterprise level
  • Enterprise Risk Management (ERM) spans all types of risks, across all business units, functions, processes, and systems
  • Identifies and assesses risk events, plans and executes a response to them
  • Identifying principal risk factors (Vodafone case study)
  • Provides transparent, risk-adjusted business performance management
  • ERM focuses on risk events that impair the enterprise from fully achieving objectives

Exercise 2 - The big picture – news stories 

 

Exploring Global Enterprise Risk Management (ERM) Scenarios

  • In this interactive session, delegates will explore global risk scenarios and then discuss the implications for their organizations.
  • Risk Attitude
  • The need to define risk as the need to get things right – not what can go wrong
  • ‘Ring fencing’ risk exposure - never allow one part of the business to impact the whole organisation
  • Determining and communicating your attitude to risk and your required risk culture to managers and stakeholders
  • Recognising that reputation is both your biggest asset and the biggest risk you face – and one you cannot insure
  • Not waiting until you are required to provide evidence of effective risk management by regulators or legislation – this will usually be too late

Exercise 3 – Determining risk attitude

 

 

The Enterprise Risk Management (ERM) roadmap

  • Review the current ERM environment
  • Conduct gap analysis
  • Conduct management workshops and agree priorities
  • Develop ERM roadmap of priorities for implementation

Exercise 3 - Developing the ERM roadmap

 

Day 2 

Enterprise Risk Management (ERM) risk measurement techniques

Risk Measurement methods

  • The need for quantative risk analysis
  • Structured Interviews
  • Risk workshops
  • Delphi (expert analysis)
  • Ishikawa diagrams (fishbone analysis)
  • Failure mode and effect analysis (FMEA)
  • Scenario planning
  • Root cause analysis
  • Monte Carlo analysis
  • Bayesian networks
  • The pros and cons of the various methods

 

Risk workshops

  • The power of workshops
  • Techniques for successful risk workshops
  • The need to involve peer groups
  • Establishing a risk workshop
  • Facilitation techniques

Exercise 5 –Risk identification workshop

 

Delphi (expert analysis)

  • Getting consensus from experts of different backgrounds and perspectives
  • Comparing the opinions of qualified experts from different fields
  • Determining acceptable risk by using experts to assess e.g. total credit given versus credit available or to establish creditworthiness criteria
  • Worked example

Exercise 6 –Delphi analysis – the mystery

 

Ishikawa (fishbone) analysis

  • Very effective in evaluating risks with multiple causes
  • Steps in fishbone analysis
    • Problem identification
    • Primary and secondary causes
    • Establishing priority criteria
    • Preparing fishbone diagram
    • Analysing the output

Exercise 7  Ishikawa exercise - loss of key personnel

 

Failure mode and root cause analysis

  • Evaluation of potential failure modes for processes
  • The likely effect on outcomes and/or product performance
  • Risk reduction measures to eliminate, reduce or control the potential failures
  • Impact, probability and detection criteria
  • Determination of RPN (risk priority number)
  • Worked example of FMEA

Exercise 8 FMEA exercise

 

Scenario planning

  • Why risks identified are often too generalised e.g. loss of key personnel
  • The need to evaluate various scenarios for each generic risk
  • The techniques and success factors

Exercise 9  Disaster scenario exercise – power failure

 

Day 3   

More risk assessment techniques

Fault tree analysis

  • Systematic method of System Analysis
  • Examines the system top down
  • Used to investigate potential faults
  • Quantify contribution to system unreliability
  • Worked example

 

Monte Carlo simulations

  • Mathematical technique that allows people to account for risk in quantitative analysis and decision making.
  • Provides a range of possible outcomes and the probabilities they will occur
  • Determines a probability distribution
  • The types of distribution
    • Normal(bell curve)
    • Uniform
    • Triangular
  • Uses of Monte Carlo simulations
  • Used to price complex financial instruments
  • To determine the VAR (value at risk)
  • Determining the option to expand, contract, or postpone a project

Exercise 10 Monte Carlo exercise

 

Bayesian networks

  • Bayes theorem
  • Adding more data to an original idea to enhance decision making
  • Use of Bayesian networks
    • Will it rain tomorrow
    • Visiting the doctors
    • Banking sector

Exercise 11 Bayesian network exercise – plane delay

 

Emergent risks

  • There is no clear boundary with other types of risk
  • Emergent Risks cannot often be easily anticipated
  • At early stages they are often low probability / high impact
  • Areas for consideration
    • Political
    • Regulatory
    • Legal
    • Security
    • Technology
    • Environmental
    • Knowledge

Exercise 12 – Team Exercise to enable you to appreciate the emergent risks – The Ageing society

 

Crisis Management

  • The need for preparation
  • Pre-prepared media statements
  • Types of crisis
  • The difference between emergency and crisis management

 

Key risk indicators (KRI’s)

  • The banana skins
  • Identifying these in advance
  • Examples of KRI’s
  • New KRI guidance
  • How to develop effective KRI’s

Exercise 13  KRI’s

 

Day 4

Advanced Enterprise Risk Management (ERM) issues

The Risk register challenges

  • Why the Enterprise Risk Management (ERM) process often fails to engage management
  • Risks recorded are much too general
  • Causes and effects are confused with risks
  • Only residual risk is concentrated on
  • Various different methods are used for scoring risks
  • Benefits are difficult to determine
  • The register is spread sheet based
  • The process is far too complex
  • The Risk register solution

Exercise 14 –The advanced Enterprise Risk Management  (ERM) risk register

 

Enterprise Risk Management (ERM) tips for success

  • Use a risk assessment framework to assess your risk maturity and prepare a plan to enhance this maturity (if required)
  • Adopt ISO31000 (the International risk standard) and apply the principles across the business
  • Only use one risk matrix for the Business – every function should not develop their own
  • Ensure that you have common risk terminology and communicate it widely
  • Recognise risks may have multiple scenarios e.g. loss of key personnel (how many, in which area etc)
  • Set meaningful Key risk indicators (KRI’s) to warn you before risks materialize
  • Prepare a graphical or tabular record of key risk for the Board
  • Recognize that understanding risk is the key to successful corporate governance
  • Arrange a reputation risk workshop for senior management
  • Get the whole risk process benchmarked

Exercise 15 – Enterprise Risk Management  (ERM)  – the 30 questions

 

Risk appetite and risk tolerance

  • What is risk appetite
  • The difference between risk appetite and risk tolerance
  • Defining risk limits
  • Risk profiling
  • Developing risk appetite statements
  • Examples of risk appetite statements

Exercise 16 – Defining risk appetite

 

Enterprise Risk Management  (ERM) and decision making

  • For every key proposal passed to the Board or senior management for decision, insist that a full risk analysis is submitted
  • Match key risks to corporate objectives each year.
  • Ensure that you under promise and over perform – not the other way round
  • Invite all your key stakeholders to a risk workshop
  • Analyse the major surprises and near misses that you have had in the last 12 months
  • Recognise that ‘if it seems too good to be true’ it probably is
  • Prepare media statements in advance to cover all possible crises
  • Twice a year ask all key executives to identify 3 opportunities and set up a high level workshop to discuss and prioritise them
  • Develop a corporate opportunity register
  • Offer special incentives for the best ideas to reduce risk or exploit opportunities
  • Do not commit time and money in risk mitigation unless a monetary or other significant benefit can be demonstrated
  • Calculate the value of income required to cover each dollar/dirham/riyal wasted due to poor risk management – use this multiplier as a business driver.

Exercise 17 – Exploiting Opportunities – corporate globalisation – risks and reward

 

Day 5

Wider aspects of Enterprise Risk Management (ERM)

 

Assurance and Enterprise Risk Management (ERM)

  • Ensuring your assurance providers roles e.g. Internal Audit, Compliance, Risk Management, Insurance, Security etc are co-ordinated to avoid duplication of effort
  • Why you should incorporate internal audit agreed actions in your risk register
  • Ensure environmental risk is taken seriously (even if you are in a sector such as Financial Services
  • Ensure that your Business Continuity plan covers all eventualities and ensure it is fully tested
  • Identify new ways to benefit the least able section of the wider community you serve
  • New guidance on coordinating RM & assurance

Exercise 18 – How to Coordinate Enterprise Risk Management (ERM) Across Your Organisation        

 

Energising your staff to manage risk

  • Ensure that your staff know that risk management is not a fad or the latest initiative – it is a business process
  • Get risk management as an agenda item in staff meetings
  • Recognise that your employees will only be interested in managing risks if there is a benefit for them in doing so
  • Not give too many risks to the same manager
  • Complete as much of the risk programme with your own managers – do not over rely on consultants – you have to own the process
  • Realise that if managers want to get a proposal through, they will tend to understate the risk (if you let them)
  • Recognise that risk is the pulse of the organization and make sure that you have personnel to regularly take this pulse

 

Enterprise Risk Management  (ERM)  in projects and Joint ventures

  • Determine the associated risks at the very earliest stage of a project
  • Recognise that it is most unlikely that the project can be delivered to time, to budget and meet all the objectives outlined
  • Decide up front which of the 3 elements, time, financial budget or functionality you are willing to compromise first.
  • Hold risk workshops with the shortlisted suppliers or contractors before awarding a contract
  • Give executives a clear brief regarding the decisions that may or not be made by them before they attend each meeting with partners
  • Require your executives to provide written feedback from all such meetings
  • Determine a clear protocol for reviewing JV’s and partnerships
  • Not assume that because a JV is effective in year one it will necessarily be the same in year 2 and beyond
  • Ask your internal audit function to be involved in all key systems and projects at key stages during the development phase
  • Ensure you have a right to audit clause for all outsourced operations and exercise that right

Exercise 19 – Enterprise Risk Management  (ERM) E –project success criteria

 

Enterprise Risk Management (ERM) in projects golden rules (with case studies)

  • Make risk management an integral part of the project
  • Identify risks early in the project
  • Communicate the risks widely
  • Consider both risks and opportunities
  • Prioritise the risks
  • Analyse the risks properly
  • Plan and implement risk responses

Exercise 20 – Team exercise – the wall

 

Accreditation

  • Quality Logo

In Association With

Oxford Management Centre

Oxford Management Centre

A GLOMACS - Oxford Management Centre collaboration aimed at providing the best training services and benefits to our valued clients

Visit website

You may also be Interested in...

Home » Seminars » Audit, Risk and Governance » Advanced Enterprise Risk Management:

VAT Announcement: The Government of UAE have introduced Value Added Tax (VAT) on goods and services from 01-January-2018. In compliance with the legislation issued by the UAE Government, we will be applying a 5% VAT on the fees for all our programs and services offered from January 2018 as applicable and stipulated in the FTA circulars.

© 2018. Material published by GLOMACS shown here is copyrighted.

All rights reserved. Any unauthorized copying, distribution, use, dissemination, downloading, storing (in any medium), transmission, reproduction or reliance in whole or any part of this course outline is prohibited and will constitute an infringement of copyright.

DMCA.com Protection Status

Send to Colleague

© 2018. Material published by GLOMACS shown here is copyrighted.

All rights reserved. Any unauthorized copying, distribution, use, dissemination, downloading, storing (in any medium), transmission, reproduction or reliance in whole or any part of this course outline is prohibited and will constitute an infringement of copyright.





Sending your message. Please wait...

Send Successfully

There was a problem sending your message. Please try again.

Please complete all the fields in the form before sending.

Print Page

© 2018. Material published by GLOMACS shown here is copyrighted.

All rights reserved. Any unauthorized copying, distribution, use, dissemination, downloading, storing (in any medium), transmission, reproduction or reliance in whole or any part of this course outline is prohibited and will constitute an infringement of copyright.








Sending your message. Please wait...

Close

There was a problem sending your message. Please try again.

Please complete all the fields in the form before sending.

Download PDF

© 2018. Material published by GLOMACS shown here is copyrighted.

All rights reserved. Any unauthorized copying, distribution, use, dissemination, downloading, storing (in any medium), transmission, reproduction or reliance in whole or any part of this course outline is prohibited and will constitute an infringement of copyright.








Sending your message. Please wait...

Close

There was a problem sending your message. Please try again.

Please complete all the fields in the form before sending.

Download Training Calendar

Want to stay in touch with what's happening in Glomacs?
Join the conversation on our social media channels:

Facebook Twitter LinkedinYouTube