Courses - Embedding Risk Management into the Corporate Culture

< Home > < Open Courses > < Outlines > Embedding Risk Management Corporate

Embedding Risk Management into
the Corporate Culture

The ability to manage significant risks effectively is an increasingly critical success factor for all organisations, irrespective of the sector they represent. Badly informed or poorly executed risk management, on the other hand, can easily spell disaster (as recent high profile failures have demonstrated).
Any organisation that has encountered unwelcome surprises or unexpected events should realise that most were preventable. Such events will almost certainly have been caused by risks that were not fully understood, or the processes to mitigate those events being inadequate.
As each month passes the importance of risk and assurance increases, or so it would appear form the ever-increasing coverage being given to the subject.
The result is that risk management has been catapulted from being a useful tool to become the very pulse of the organisation and the yardstick by which its management is judged.
The key is to recognise that risk is not something that should be avoided – a risk is often an opportunity in disguise.
Even without Corporate Governance requirements regarding business risk management, most forward-looking organisations have recognised the need to develop a formal, comprehensive business risk management programme.

Who Should Attend?

Any executive or manager tasked with developing, implementing or facilitating a business risk programme or anyone tasked with providing assurance to senior management that the significant risks are being managed appropriately.

This 2-day course will enable participants to:

Increase focus on and delivery of objectives;
Enhance understanding of risks and exposures faced
Enforce ownership of risks;
Build understanding of how risks are changing
Integration of risk management into systems and project based development, contracting and partnership arrangements;
Share effective working practices between managers and specialists;
Enhance management information relating to Corporate Governance
Identify over-managed risks and unnecessary controls

Topics Covered Include:

Overview of the key elements of a business risk programme (i.e. a process to allow organisations to identify, evaluate, mitigate and monitor their key risks and opportunities)
Explanation of the alternative risk identification methods
How to successfully evaluate the key risks identified
How to assess risk mitigation practices and identify exposures
How to deal with exposures
Practical demonstration of risk workshops
Why you need to embed the risk management process into the Corporate culture
Risk as the pulse of your organisation
Why Risk management is a real business enabler
Explanation of the key features of the various Standards (AUS/NZ, IRM/AIRMIC, COSO, BASEL etc)
How to cascade the process effectively
How to coordinate the efforts of the various assurance providers
Why the emerging risks may be the real threats
Opportunities for Internal Audit in the process

Course Outline

Day 1 - Identification of Major Business Risks

Breaking Down the Barriers

Why senior management often lack a full understanding of the risks in their business.
The role and responsibilities of Directors and line managers
Definition of business risk and its nuances
Designing strategies and systems to suit the organisation
Defining significance in relation to risk (in monetary and other terms)
Establishing a business risk programme - the steps to success.

Background

Why business risk management is receiving such publicity
High profile corporate failures and public embarrassments
Exercise 1 – the major risks in your organization
The Corporate Governance debate
Explanation of the AS/NZS 4360 standard – the internationally recognised risk management standard + COSO + IRM standards
Other potential legislation and regulation
The issues involved.

The Wider Business Agenda

The need to understand the organisation’s strategic objectives
Developing a programme to reflect these objectives
Understanding the organisation’s risk appetite
Categories of Risk
The Risk management framework
Exercise 2 – analysing a real disaster
Risk management systems

Establishing An Embedded Risk Management Process

Why is risk such a hot topic?
Surprises and risk
Why financial risks are only the tip of the iceberg
The widening of the risk portfolio
The challenges- Basel, Governance, Non-Exec’s liabilities etc
The need to link risk management with strategic planning
New and emerging Risks- Reputation, Social, Environmental etc
Getting your Chief Executives support
Developing a risk strategy for your organisation
Establishing the business case
Selling the benefits to management
Risk and competitive advantage
Risk workshops – the do’s & don’ts

Risk Identification and Evaluation

Exercise 3 – An exercise to allow you to see risk taking in action
Approaches and techniques
How to establish a risk workshop process
The benefits of facilitation and the characteristics required
The use of diagnostic questions and thought-provokers
The pros and cons of using data capture technology
How to identify, sift and group the risks
Measuring the consequences and the likelihood of occurrence of each risk
The use of risk matrices to prioritise the risks.
Corporate Governance reporting requirements
Getting your Chief Executives support
Agreeing a common risk language
Developing a risk policy for your organisation
Selling the benefits to management

Interactive Risk Workshop

Exercise 4 - An actual risk workshop – with your own risks
Enabling you to appreciate all elements covered in a live situation

Day 2 – Practical Risk Evaluation and mitigation

Assessment of Risk Mitigation

Managing risk – the options
Management evaluation of mitigation controls
How to assess risk mitigation
Identification of risk exposures
Critical evaluation of exposures
Dealing with the exposures (the 4 Ts - terminate, tolerate, treat or transfer)
Establishment of action plans.

Interactive workshop –part 2

Exercise 5 - Risk mitigation and dealing with the exposures in practice

Integrating The Output From Risk Workshops Into The Business Planning Process

Linking corporate risks into the Strategic planning process
Linking operational risks into service planning
Risk owners – how to determine such personnel and enforce ownership
Annual statements by risk owners
Developing risk tracking
Using the risk register as a decision skeleton
Quarterly Board reporting to review progress in addressing the exposures
Risk Management Committee reporting
Half yearly evaluation of key risks to ensure new risks identified and included
Reports for Senior Management - power point example will be shared
Exercise 6 – Team exercise to enable you to appreciate the emerging risks

Recording The Risk Environment

Risk registers – the need to coordinate and link the output
Flagging interdependencies – if one risk treatment is changed the other party or parties impacted need to be notified.
Risk treatment analysis – how to determine the cost/ benefits of dealing with exposures / exploiting opportunities
Risk management as a route to reducing bureaucracy
Coordinating assurance under the risk umbrella – a successful model will be shared
How to use the risk process to break down the cultural barriers
Making risk management second nature
Keeping up the momentum
Risk financing and how to introduce the disciplines
Integrating incident management
Business Continuity planning
Integrating Health and Safety, Insurance and claims etc
Measuring the benefits
Exercise 8 -Measuring the benefits

Options for Internal Audit Involvement

Pros and cons of Internal Audit facilitating the process
Risk-based auditing: explanation and options
Translation of the most significant risks into the basis of the audit programme
Monitoring of action plans and Audit Committee reporting
Evaluation and reporting of actual versus perceived controls
Determining which key risks are not readily auditable.

Course Outlines

Course Diary

Booking Information

In-House Training