Enterprise Risk Management—Best Practices

Duration: 2 Days (9.00am - 5.00pm) | Code: JE-402

Course Objective

The greatest risk in developing risk management systems is the risk of failure of the system.

In compliance with Corporate Governance, public-listed companies are to implement ERM programme to manage business risks. Yet many find difficulties to implement a system that can creates a real operative means to risk managing. Unfortunately, quite a few end up with a Risk Register that serves as a report with ineffective risk management solutions. Consequently, managers manning the ERM programme attend to ERM work only when it is time to issue the ERM Report to top management. ERM has become a chore to be done to appease the system.

There are several pitfalls leading to the situation that there has not been overwhelming numbers of successful ERM programmes. Risk is personal matter - i.e. we own a risk only when we are personally affected by it or when we are duty-bound. But organisational risks are corporate risks, and few risk officers adopt them on a personal level. The lack of analysing the characteristics of a risk at close range adds also much ineffectiveness in managing and treating risks.

The course provides ERM project managers with a foundation understanding on ISO 31000. Importantly, the trainer provides participants with case studies, best practices and practical solutions that he has accumulated over 20 years of risk management work.

CEO/MD, RMC, ERM Project Manager and senior managers will benefit from this course.

Program Outline

1. What is risk management and ERM?

  • What is risk character?
  • Response to risk: personally and corporately
  • What is the organisational exposures to risks

2. Features of an ERM System

  • ISO 31000: Risk Management - Principles and Guidelines
  • Risk Management Process: identify, analyse, assess, treatment and monitor
  • Risk Identification Exercise: how to do it on organisational level
  • Risk Analysis: drilling down to treatable level
  • Risk Treatment: Solutions - avoidance, reduction, and transfer
  • Corporatising risk, and re-delegating as KRIS
  • Risk Supervision: Risk Management Committee, Risk Owners
  • Risk Communications & Reporting for results

3. Implementing an ERM System

  • Project Management
  • Internalising a Risk Management culture
  • Project requirements: manpower, costs, etc