Enterprise Risk Management (ERM) - MIS Training
Enterprise Risk Management (ERM) - MIS Training
Enterprise Risk Management (ERM) - MIS Training
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
The Global Leader In<br />
Audit and Information Security <strong>Training</strong><br />
London<br />
Summer<br />
Schools<br />
2012<br />
<strong>Enterprise</strong><br />
<strong>Risk</strong><br />
<strong>Management</strong><br />
(<strong>ERM</strong>)<br />
Implementing, embedding and<br />
enhancing enterprise risk<br />
management: Practical guide to<br />
optimising the role of internal<br />
auditors and risk managers<br />
A Hands-On Guide<br />
to Effective <strong>ERM</strong><br />
3 DAY COURSE:<br />
11 - 13 July 2012<br />
London<br />
Course Director<br />
Jenny Rayner<br />
SAVE 10%<br />
Attend with<br />
Managing the Internal Audit<br />
Department<br />
for a full week of training<br />
Jenny has over fifteen years experience in<br />
risk management and internal audit as<br />
part of a wide-ranging thirty year business<br />
career<br />
■ Understand <strong>Enterprise</strong> <strong>Risk</strong> <strong>Management</strong> (<strong>ERM</strong>) and how to implement it<br />
■ Know how to assess the risk management capability and maturity of your business<br />
■ Be able to stimulate improvement at each stage of the risk management process<br />
■ Learn how to balance both threats and opportunities to maximise value to the business<br />
■ Discover how to raise risk awareness and embed risk management thinking and practice<br />
■ Explore what is meant by ‘risk appetite’ and how to determine and communicate it<br />
■ Clarify the boundaries between the roles of internal audit and risk management<br />
■ Understand new and emerging risks – and how you can contribute<br />
■ Gain insights into emerging best practice on managing and reporting risks<br />
■ Network and share your experiences with other senior audit and risk professionals<br />
Save up to 50%<br />
with In-House <strong>Training</strong><br />
www.mistieurope.com/inhouse<br />
Register Online at:<br />
www.mistieurope.com/training<br />
Quoting Code:<br />
IA120705-W
<strong>Enterprise</strong><br />
<strong>Risk</strong><br />
<strong>Management</strong><br />
(<strong>ERM</strong>)<br />
Implementing, embedding and<br />
enhancing enterprise risk management:<br />
Practical guide to optimising the role of<br />
internal auditors and risk managers<br />
Course focus and features<br />
Many businesses have introduced risk management<br />
processes to meet growing corporate governance<br />
requirements. But what if the risk management exists in<br />
name only so the box can be ticked? What if the board and<br />
senior management team are not committed to it? What if<br />
the business risk management process is ineffective or<br />
incomplete? What if the audit committee does not<br />
understand its critical role on business risk? How can<br />
internal auditors and risk managers help to embed an<br />
effective enterprise-wide risk management process and<br />
contribute to its continuous improvement?<br />
This highly interactive three-day course explores how internal<br />
auditors and risk managers can act as a catalyst for good risk<br />
management and can assist in embedding it and improving its<br />
effectiveness. Participants will learn how they can add value at<br />
each stage of the risk management process – from risk<br />
identification to monitoring and reporting – without, in internal<br />
audit’s case, compromising objectivity and independence.<br />
The course offers numerous practical tools, techniques and top<br />
tips for successful <strong>Enterprise</strong> <strong>Risk</strong> <strong>Management</strong>, including<br />
demystifying risk appetite, managing threats and opportunities in<br />
parallel, innovative use of control risk self-assessment (CRSA) and<br />
the latest trends in risk reporting. The implications for internal<br />
auditors and risk managers of new and emerging risk areas such<br />
as governance, ethics, corporate responsibility, reputation, supply<br />
chain, outsourcing and project risks will also be explored.<br />
Course Director<br />
Jenny Rayner<br />
Jenny Rayner is an independent consultant and trainer<br />
specialising in risk management, corporate governance and<br />
internal audit. Jenny works with directors, senior managers,<br />
internal audit departments and risk managers in the private<br />
and not-for-profit sectors to help them embrace best practice<br />
in governance and assurance and to manage risk positively to<br />
improve business performance and enhance reputation.<br />
Prior to this, Jenny’s wide-ranging career spanned over 20<br />
years with ICI, in a variety of sales, marketing, purchasing,<br />
logistics, supply chain and general business management<br />
roles, latterly, as a Chief Internal Auditor with ICI.<br />
Jenny writes and lectures extensively on internal auditing, risk<br />
management, corporate governance, corporate responsibility<br />
and reputation. Jenny was Executive Editor of Gee<br />
Publishing’s Business <strong>Risk</strong> <strong>Management</strong> handbook and was<br />
Joint Editor of Gee’s Corporate Social Responsibility Monitor.<br />
She is author of the study <strong>Risk</strong>y Business: towards best<br />
practice in managing reputation risk (2001, Institute of<br />
Business Ethics). Her book, Managing Reputational <strong>Risk</strong>:<br />
curbing threats, leveraging opportunities, was published by<br />
John Wiley in July 2003. She is also a contributor to<br />
QFinance – The Ultimate Resource (2010, Bloomsbury).<br />
Jenny is a member of the Institute of <strong>Risk</strong> <strong>Management</strong> and<br />
for three years chaired the NW District Committee of the<br />
Institute of Internal Auditors - UK and Ireland. Jenny also<br />
chairs the Group Audit and Assurance Committee of a UK<br />
housing association, is Deputy Chair on its Board and is a<br />
member of its Governance and Remuneration Committee.<br />
Participants will learn through a combination of presentations,<br />
case studies, practical exercises and discussions and will take<br />
away sample documents, checklists and worked examples.<br />
During the seminar attendees will have the opportunity to develop<br />
a tailored action plan for their own business.<br />
Whether you have been charged with establishing an <strong>ERM</strong><br />
framework for your organisation, want to increase the<br />
effectiveness of the existing risk management process or wish to<br />
benchmark your business against emerging best practice, this is<br />
the course for you.<br />
Who Should Attend<br />
Chief Audit Executives, Internal Audit and <strong>Risk</strong> <strong>Management</strong><br />
Heads, <strong>Risk</strong> Managers, Supervisors, Lead Auditors and Directors<br />
from private, public and not-for-profit sectors.<br />
Note: Highly experienced risk managers in businesses with wellestablished<br />
risk management systems may find the course<br />
content insufficiently advanced to be of major benefit.<br />
Prerequisite: None<br />
Advanced Preparation: None<br />
<strong>Training</strong> Type: Group-Live<br />
Learning Level: Intermediate<br />
Price: GBP £2,145<br />
CPEs: 22<br />
Telephone:<br />
+44 (0)20 7779 8454<br />
Email:<br />
training@mistieurope.com
Day One:<br />
Building a solid<br />
foundation<br />
Wednesday 11th July<br />
Introduction and course objectives<br />
<strong>Risk</strong> management unraveled<br />
• <strong>Risk</strong>, risk management and <strong>Enterprise</strong> <strong>Risk</strong><br />
<strong>Management</strong> (<strong>ERM</strong>) defined<br />
• The corporate governance and regulatory context<br />
• Lessons from the credit crunch<br />
• Investor and stakeholder pressures<br />
• Review of risk management standards and<br />
guidelines (including COSO <strong>ERM</strong> and the new<br />
British and ISO standards)<br />
The core components of an <strong>ERM</strong> system<br />
• The risk management process: key steps<br />
• <strong>Risk</strong> language, risk registers and assessment<br />
methodology<br />
Sample documents<br />
• Defining, establishing and communicating risk<br />
appetite<br />
Exercise<br />
• <strong>ERM</strong> hierarchy and reporting framework<br />
• <strong>Risk</strong> management strategy and policy<br />
Sample documents<br />
Roles and responsibilities for <strong>ERM</strong><br />
• The board and risk leadership<br />
• Audit and risk committees<br />
Sample terms of reference<br />
• Senior management<br />
• Employees<br />
• Key business partners<br />
• The risk management function<br />
Internal audit’s role in <strong>ERM</strong><br />
• Implications of the IIA’s position statements<br />
• Internal audit’s and risk management’s respective<br />
roles<br />
Case study<br />
• Maintaining independence and objectivity<br />
• The ‘dos’ and ‘don’ts’<br />
• <strong>Risk</strong>-based internal auditing<br />
Day Two:<br />
Promoting and<br />
enhancing enterprise<br />
risk management<br />
Thursday 12th July<br />
Determining what needs to be done<br />
• Understanding risk management maturity and<br />
effectiveness<br />
• Assessing the risk maturity of your business<br />
Exercise<br />
• The implications for internal auditors and risk<br />
managers<br />
• Articulating your risk management vision – and<br />
the steps to achieve it<br />
Identifying business risks<br />
• <strong>Risk</strong> categorization<br />
Sample risk categories<br />
• <strong>Risk</strong> identification: what works and what doesn’t<br />
• Getting at strategic risks<br />
PESTLE analysis<br />
• Handling threats and opportunities<br />
• Articulating risks to elicit action<br />
• Improving risk identification<br />
Assessing and prioritising risks<br />
• importance of inherent and residual risk<br />
• <strong>Risk</strong> assessment methodologies for threats and<br />
opportunities<br />
• Applying risk appetite<br />
Exercise<br />
• Multiple risk appetites and risk appetite<br />
hierarchies<br />
• <strong>Risk</strong> quantification<br />
• Improving risk assessment<br />
Responding to risks<br />
• Response options: the 4Ts (Tolerate, Treat,<br />
Transfer, Terminate)<br />
• Establishing an appropriate response<br />
• Black swans and risk resilience<br />
• Ownership and action planning<br />
• Enhancing risk responses<br />
Monitoring, reporting and assurance<br />
• The value of monitoring, reporting and assurance<br />
• Who should do what?<br />
Exercise<br />
• Assurance mapping: establishing the best<br />
source/type of assurance<br />
• Clarifying reporting lines<br />
• Reporting within the business<br />
Sample reporting formats<br />
• The latest developments in external risk disclosure<br />
Case study<br />
Hints and hazards<br />
• Common <strong>ERM</strong> weaknesses<br />
• Top tips for successful <strong>ERM</strong> implementation<br />
Day Three:<br />
Maintaining momentum<br />
and embedding <strong>ERM</strong><br />
Friday 13th July<br />
New and emerging risk management<br />
challenges<br />
• Refreshing the business risk profile<br />
• Governance, strategic and ethics risks<br />
• Corporate responsibility and stakeholder risks<br />
• Reputational risks<br />
Case study<br />
• Supply chain and outsourcing risks<br />
• Project and programme risks<br />
• IT risk hotspots<br />
The business case for <strong>ERM</strong>: winning<br />
hearts and minds<br />
• Exploring the benefits – does <strong>ERM</strong> deliver value?<br />
• Gaining ‘buy in’ from non-believers<br />
• Analysis of a disaster<br />
Case study<br />
• Dealing with objections and concerns<br />
Role play<br />
Embedding risk management throughout<br />
the organisation<br />
• The importance of organisational culture<br />
• Encouraging everyone to be their own risk<br />
manager<br />
• Innovative use of Control <strong>Risk</strong> Self-assessment<br />
(CRSA): pros and cons<br />
• The power of risk workshops<br />
Top facilitation tips<br />
• Integrating risk management with management<br />
processes<br />
• Developing Key <strong>Risk</strong> Indicators (KRIs)<br />
Practical examples<br />
• The use of risk management software<br />
Adapting your approach as risk<br />
management matures<br />
• Dealing with changing skills requirements<br />
• Flexible interaction with other assurance providers<br />
• Tools for assessing risk management capability<br />
and effectiveness<br />
Sample assessment programmes<br />
• Towards best practice in <strong>ERM</strong><br />
• Modifying your relationship with management and<br />
the board/audit committee<br />
• Measuring and reporting your own performance<br />
• Optimising and communicating your role<br />
Conclusions and action planning<br />
• Getting started: targeting quick wins<br />
• Next steps – your individual action plan<br />
Register Online at:<br />
www.mistieurope.com/training<br />
Quoting Code:<br />
IA120705-W
The Global Leader In<br />
Audit and Information Security <strong>Training</strong><br />
Register Online at:<br />
www.mistieurope.com/training<br />
<strong>Enterprise</strong> <strong>Risk</strong> <strong>Management</strong><br />
11-13 July 2012 London<br />
PRICE GBP £2,145 + VAT<br />
YOUR REGISTRATION CODE:<br />
IA120705-W<br />
Price includes tuition, course folder with all course notes, lunch<br />
and refreshments and a prestigious certificate. Delegates are<br />
responsible for their own accommodation. You can request an<br />
invoice or pay online. Please note, payment must be received<br />
prior to course start.<br />
Travelling To London From Abroad?<br />
<strong>MIS</strong> <strong>Training</strong> has been accredited by the BAC, making your trip<br />
to London easier which should make your visa application<br />
process much smoother.<br />
Internal Audit & Fraud London Summer Schools<br />
London<br />
Summer<br />
Schools<br />
2012<br />
We can help with your visa.<br />
Email: training@mistieurope.com<br />
Develop your skills in one of the greatest cities in the world...visit London this July<br />
For more information visit: www.mistieurope.com/summerschools<br />
Internal Audit School - 2-6 July 2012<br />
IT Audit School – IT Auditing for Non IT Auditors – 2-6 July<br />
<strong>Training</strong> Weeks - Attend both and save 10%<br />
Developing the Annual Audit Plan – 2-3 July<br />
And<br />
<strong>Risk</strong> Based Internal Auditing – 4-6 July<br />
Fraud & Corruption Summer School: - 2-6 July<br />
Conducting an Investigation into Fraud and Corruption – 2-3 July<br />
And<br />
Conducting a Fraud <strong>Risk</strong> Assessment – 4-6 July<br />
Managing the Internal Audit Department – 9-10 July<br />
And<br />
<strong>Enterprise</strong> <strong>Risk</strong> <strong>Management</strong> – 11-13 July<br />
Data Protection:<br />
Use of your information: The information you provide on this form will be used by<br />
Euromoney Institutional Investor PLC and its group companies (“we” or “us”) in relation<br />
to your registration for this event. We may also monitor your use of our website(s),<br />
including information you post and actions you take, to improve our services to you<br />
and track compliance with our terms of use. Except to the extent you indicate your<br />
objection below, we may also use your data (including data obtained from monitoring)<br />
(a) to keep you informed of our products and services; (b) occasionally to allow<br />
companies outside our group to contact you with details of their products/services. As<br />
an international group, we may transfer your data on a global basis for the purposes<br />
indicated above, including to countries which may not provide the same level of<br />
protection to personal data as within the European Union. By submitting your details,<br />
you will be indicating your consent to the use of your data as identified above. Further<br />
information on our use of your personal data is set out in our privacy policy, which is<br />
available at www.mistieurope.com or can be provided to you separately upon request.<br />
Marketing choices: If you object to contact as identified above by telephone ❑, fax ❑,<br />
or email ❑, or post ❑, please tick the relevant box. If you do not want us to share your<br />
information with other companies ❑ please tick this box.<br />
Cancellation Policy:<br />
Please ensure you have read this carefully before submitting your<br />
registration] <strong>MIS</strong> <strong>Training</strong> operates a 20 working day cancellation policy.<br />
Any cancellations received after 20 days or any delegate that does not<br />
attend will be subject to full payment. You may transfer to another<br />
course/conference for a transfer fee of 25% of the initial booking fee plus<br />
the difference between the value of the course/conference you are<br />
transferred to. This will be invoiced or refunded. Please note that the<br />
replacement course/conference must take place within 6 months of the<br />
initial application. Alternatively you may send another colleague to the initial<br />
booked course/conference without incurring any additional fees. A full<br />
refund less an administration fee of £100 will be given for cancellation<br />
requests received up to 20 working days before the event. Cancellations<br />
must be made in writing and reach the <strong>MIS</strong> office before the 20 working<br />
days deadline.<br />
Accommodation:<br />
All training venues will be confirmed 3-4 weeks prior to the course start<br />
date. <strong>MIS</strong> <strong>Training</strong> Institute has negotiated special accommodation rates in<br />
4 star hotels in central London (Zone 1) for UK courses.<br />
VAT:<br />
All delegates attending are liable to pay VAT.<br />
Overseas delegates can claim a VAT refund under<br />
the European Union (EU) 8th and 13th Directives on<br />
all eligible business expenses such as course fees,<br />
hotel accommodation, meals, car hire<br />
etc., provided you are not registered for VAT in the<br />
UK. For more information please visit<br />
www.mistieurope.com/VAT or<br />
email training@mistieurope.com.<br />
Printed on paper from a sustainable<br />
source, using vegetable oil based inks