Home    Who Is BRM?    Contact Us    Help

 


Course Diary  
Course Outlines  
Booking Information  
In-House Training  

The Challenge  
Facilitation  

£20Billion Industry  
Prevention  
Investigations  

Planning For SME's  
Book Your Session  

Course Programme  

In-House  
Internal Audit  
Fraud  
Risk Management  
Assurance  

< Home > < Open Courses > < Outlines > Business Risk Management

BUSINESS RISK MANAGEMENT
Why Risk is Not a ‘Four Letter Word’

The ability to manage significant risks effectively is often the main characteristic differentiating the most successful organisations from the rest, and can be the key to sustainable competitive advantage. Ill-informed or poorly executed risk management, on the other hand, can easily spell disaster (as Barings Bank and others have found to their cost).

Most organisations - be they private or public sector - are failing to achieve their full potential simply because they have no effective mechanism for identifying and evaluating their key risks and opportunities.

Any organisation that has encountered unwelcome surprises or unexpected losses will realise that most were preventable. Such events will almost certainly have been caused by risks that were not fully understood, or the processes to mitigate those events being inadequate.

The key is to recognise that risk is not something that should be avoided - a risk is often an opportunity in disguise.

Even without Corporate Governance requirements regarding business risk management, and the application of similar requirements in many public service bodies, most forward-looking organisations have recognised the need to develop a formal, comprehensive business risk management programme.

Similarly focused Internal Audit functions will also have grasped the opportunity to directly correlate their work programme and strategic direction with the most significant risks affecting their organisation.

This practical two-day course will enable participants to understand how to

  1. promote, develop, deliver and review a Business Risk programme

  2. use software to streamline the process, and

  3. successfully implement a risk-based audit strategy and methodology.

Who Should Attend?

Internal audit directors, Audit managers, Risk managers and advisers, and any executives with responsibilities embracing any aspect of risk management.

Topics Covered Include:

Overview of the key elements of a business risk programme (i.e. a process to allow organisations to identify, evaluate, mitigate and monitor their key risks and opportunities)
Explanation of the alternative risk identification methods
Facilitated workshops - why this approach is particularly beneficial
Explanation of the AUS/NZ global risk management standard
Demonstration of Methodware’s unique business management software (based on the AUS/NZ standard)
How to evaluate successfully the key risks identified
How to assess risk mitigation practices and identify exposures
How to deal with exposures
Opportunities for Internal Audit in the process
Translating key risks into the basis of the Internal Audit strategy and programme
Embedding the process into the business - to satisfy Corporate Governance requirements and meet business needs.

Course Outline

Day 1 - Identification of Major Business Risks

1.   Breaking Down the Barriers

  • Why senior management often lack a full understanding of the risks in their business

  • The role and responsibilities of Directors and line managers

  • Definition of business risk and its nuances

  • Designing strategies and systems to suit the organisation

  • Defining significance in relation to risk (in monetary and other terms)

  • Establishing a business risk programme - the steps to success

2.   Background

  • Why business risk management is receiving such publicity

  • High profile corporate failures and public embarrassments

  • The Corporate Governance debate (from Cadbury to Turnbull and beyond)

  • Government White Paper, NHS requirements, local government initiatives and other public sector developments

  • Explanation of the AS/NZS 4360 standard - the world’s first risk management standard

  • Other potential legislation and regulation

  • The issues involved.

3.   The Wider Business Agenda

  • The need to understand the organisation’s strategic objectives

  • Developing a programme to reflect these objectives

  • Understanding the organisation’s risk appetite

  • The components of a risk management framework.

4.   Risk Management Projects, Structures and Systems

  • Initiating and directing a risk management project

  • Identifying and allocating responsibilities

  • Establishing risk management systems

  • The phases and characteristics of a risk management process.

5.   Risk Identification and Evaluation

  • Approaches and techniques

  • How to establish a risk workshop process

  • The benefits of facilitation and the characteristics required

  • The use of diagnostic questions and thought-provokers

  • The pros and cons of using data capture technology

  • How to identify, sift and group the risks

  • Risk clustering - alternative approaches

  • Measuring the consequences and the likelihood of occurrence of each key risk

  • The use of risk matrices to weight the risks.

6.   Risk Workshop Case Study

  • Case study simulating a risk workshop

Day 2 - Evaluation of Mitigation Strategies, Identification of Exposures and Risk Monitoring

1.   Assessment of Risk Mitigation

  • Managing risk - the options

  • Management evaluation of mitigation controls

  • How to assess risk mitigation

  • Identification of risk exposures

  • Critical evaluation of exposures

  • Dealing with the exposures (the 4 Ts - terminate, tolerate, treat or transfer)

  • Establishment of action plans.

2.   Case Study (continued)

  • Risk mitigation and dealing with the exposures in practice

  • Using Methodware interactive risk management software.

3.   Options for Internal Audit Involvement

  • Pros and cons of Internal Audit facilitating the process

  • Risk-based auditing: explanation and options

  • Translation of the most significant risks into the basis of the audit programme

  • Monitoring of action plans and Audit Committee reporting

  • Evaluation and reporting of actual versus perceived controls

  • Determining which key risks are not readily auditable.

4.   Embedding the Process

  • Ensuring compliance with governance requirements and adopting best practice

  • Quarterly Board reporting to review progress in addressing the exposures

  • Risk Management Committee reporting

  • Half yearly evaluation of key risks to ensure new risks identified and included

  • Integrating the programme into the overall Risk Agenda e.g. strategic planning; health, safety and environmental management, regulatory requirements, insurance procedures etc.

5.   Course Summary

  • Key steps to establishing the programme in your organisation.

This course has been developed by Business Risk Management Ltd and will be delivered by Phil Griffiths, its Managing Director.
Copyright Business Risk Management Ltd 2004 

Course Outlines

Course Diary

Booking Information

In-House Training