Enterprise Risk Management

Course Description

The volatility and uncertainty experienced in the global marketplace over the past few years have clearly indicated the need for organizations of all types to be better prepared to identify, measure, and manage a variety of risks. These risks, including credit, market, and operational risks, have in some instances threatened the viability of many firms and markets. The collapses of firms like Lehman Brothers and AIG have shown that liquidity, legal, regulatory, and reputational risks must also be addressed to ensure the long-term viability of both public and private organizations.

Defining and implementing a firm-wide framework to manage risk is a challenge that management can no longer ignore. Enterprise Risk Management (ERM) has emerged as the leading practice for firms wanting not only to survive but to thrive under this new paradigm.

This course is designed for senior executives and Board members of financial institutions. Interactive classroom discussions coupled with case analysis based on industry developments will ensure a rigorous understanding of ERM while providing the tools required to govern the implementation of an ERM framework within their organization.

After taking this course, the delegates will be able to:

  • Understand and recognize the need for ERM
  • Differentiate between the components of globally accepted ERM frameworks
  • Appreciate the role ERM plays in effective corporate governance
  • Inventory the risks and responses enabled by an appropriate ERM organization
  • Evaluate the tools used to measure and monitor enterprise risk
  • Assess an ERM implementation strategy
  • Describe Internal Audit’s role in ERM

Delivery Options

  • On- or off-site instructor-led training
  • Standalone delivery or larger-program integration
  • Flexible half-day, one-day or two-day seminar structures
  • Webinar format
  • Fully customizable courses

Course Outline


Module 1

Central ERM Principles

  • Definition of ERM
  • ERM vs. Internal Controls
  • ERM vs. Risk Assessment


Module 2

ERM Frameworks

  • COSO, AS/NZS 4360, ISO 31000
  • Strategy – high-level goals
  • Operations – effective and efficient use of resources
  • Reporting – reliability of operational and financial reporting
  • Compliance – laws and regulations

Module 3

ERM for Financial Institutions

  • Align risk appetite with strategy
  • Enhance the rigor of the entity’s risk-response decisions
  • Reduce the frequency and severity of operational risk and losses
  • Identify and manage multiple and cross-enterprise risks
  • Deploy capital more effectively 

Module 4

Role of Corporate Governance in ERM

  • Accountability
  • Credibility
  • Transparency
  • Integrity

Module 5

Internal Environment – Roles in ERM for Internal Auditors

  • Risk Assessment of the enterprise
    • Strategic planning
    • Competitive benchmarking
    • SOX or similar top-down risk assessment

Module 6

Risk Identification

  • Identify techniques and tools used for risk monitoring
  • Dealing with high-impact, low-probability risks
    • Normal risk events and distributions
    • “Tail risk” and outlier events

Module 7

Risk Responses

  • Avoidance: exiting activities
  • Reduction: taking action to reduce the likelihood or impact – hedging
  • Share or insure: transferring or sharing risk
  • Accept: no action is taken (business risk)

Module 8

Control Activities

  • Internal and External
  • Information Technology controls
  • Role of policies, procedures, and documentation

Module 9

Monitoring and Oversight

  • Monitoring tools
  • Reporting and correction of control problems
  • Audit reports in the ERM framework

Module 10

ERM Implementation

  • Readiness evaluation
  • ERM information flow and communication
  • Steps in implementation process

Module 11

Roundtable and Wrap-up

  • Review
  • Current Issues in ERM
