Enterprise Risk Management
3 Days | 2.1 CEUs

Overview:

The workshop focuses on enterprise risk management. It is delivered through lectures, class discussions, articles, case studies and exercises. The topics covered include identifying, classifying, assessing and controlling operational risks, and planning and implementing risk mitigation strategies for the identified risks.

The workshop will help participants to understand and to develop risk management skills, and to apply what they have learned to real-life ERM projects. Participants will learn how to implement enterprise and programmatic risk management in their organizations. Participants will learn why management is adopting and developing a portfolio view of multiple views of risk-controls within their organizations and into the supply stream. The workshop format is approximately 1/3 lecture, 1/3 exercise and 1/3 ‘lesson learned’ discussion. 
 

What You Will Learn:

  • Learn what enterprise risk management is and when to use it
  • Learn how to implement ERM successfully
  • Learn ISO 31000, COSO ERM, NIST 800-37 and additional ERM frameworks and standards
  • Learn how to identify risk tolerance and appetite for operational decision making
  • Learn and apply the operational risk management process  

Course Content

Key Terms and Definitions

  • What is ERM? What is GRC?
  • ERM Drivers, past and present
  • Why does ERM fail? Succeed?

ERM Core Building Block: Decision-making

  • What is a decision?
  • Who are the ERM decision makers?
  • Decision framing
  • Risk appetite/tolerance/biases
  • Key ingredient: principles, process, behavior and performance
  • Quantification and qualification of risk
  • Common decision techniques and pitfalls
  • What makes a good decision? 
  • Creating a level decision playing field
  • Exercise: Understanding

Different Approaches to ERM

  • ERM standards: COSO, NIST, FAA, ISO, NASA, etc.
  • Strategic, operational, financial, insurable, social risks in an ERM context 
  • Linking strategic, operational and financial risks
  • Adaptive management benefits/pitfalls 
  • Enterprise (entity level) risk, programmatic/project risk, transactional/product risk 
  • Exercise: Growth of ERM discussion in security (cyber & physical), Gulf oil spill, etc. 
  • Exercise: Services business case study

Introduction to ERM Frameworks

  • COSO ERM explained 
  • ISO 31000 explained 
  • NIST 800-37 explained 
  • Common features of ERM frameworks 
  • Exercise: Enterprise Risk Management in companies and federal/state agencies 
  • Case study: Rockwell Collins ERM Approach

Elements of the COSO ERM Framework

  • Discussion of the COSO ERM cube 
  • Eight risk management steps of framework  
  • Benefits/challenges of framework 
  • Exercise: COSO framework application 

Elements of the ISO 31000 Risk Management Framework

  • Discussion of the 31000 approach
  • Risk definitions 
  • Relationships between the risk management principles, framework and process 
  • Benefits/challenges of framework 
  • Linking to ISO/IEEE Systems and Software Risk Management Standard 16085
  • Case study: Similarities and differences between project risk management standards

NIST 800-37: Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach

  • Integrated organization-wide risk management 
  • Information control allocation 
  • System development life cycle
  • Review of the life cycle process
  • Exercise: Managing enterprise risk on a government project

ERM in the Real World

  • Organizational risk culture
  • Who owns ERM? 
  • Implementing ERM: top down, bottom up, middle out?
  • Avoiding organizational risk conflicts
  • Risk capability and maturity 
  • Case study: Various forms of enterprise (entity), programmatic/project and event based controls 
  • Exercise: Managing the risks in a supply chain

Your Next Steps

  • Identify critical next steps for implementing an ERM program
  • Exercise: Discuss and evaluate ERM plans

CLASS CANCELLATION:

IIE reserves the right to cancel a class up to 15 business days prior to the scheduled start date.

 

Registration Fee

Member: $1,195
Non-Member: $1,545

Course Schedule

Course ID: 1810
Nov 4 - 6, 2014
Norcross, GA

 
© 2014 INSTITUTE OF INDUSTRIAL ENGINEERS