Enterprise Risk Management (ERM) - MIS Training

The International Leaderin Audit and Information Security TrainingLONDONSUMMERSCHOOLS2010Enterprise Risk Management (ERM)Implementing, embedding and enhancing enterpriserisk management: Practical guide to optimising therole of internal auditors and risk managersLondonCourse DirectorJenny RaynerJenny has fifteen years experiencein internal audit and riskmanagement as part of a widerangingthirty-year business career3 day course 4 - 6 August 2010“All that you should know to adoptappropriate risk management inyour company”JTI“Very informative, pitched at theright level and covered all itsobjectives”PrudentialEarn 22 CPE credits• Understand Enterprise Risk Management (ERM) and how to implement it• Know how to assess the risk management capability and maturity of your business• Be able to stimulate improvement at each stage of the risk management process• Learn how to balance both threats and opportunities to maximise value tothe business• Discover how to raise risk awareness and embed risk management thinkingand practice• Find out what is meant by ‘risk appetite’ and how to determine and communicate it• Understand new and emerging risks – and how you can contributeSAVE 10%Attend Managing the InternalAudit Department2nd - 3rd August 2010,London, and save 10%• Gain insights into current best practice in risk management• Explore the latest thinking on risk reporting• Network and share your experiences with other senior audit and risk professionalsSAVEUP TO 50%WITH IN HOUSETRAININGDetails insideEnquire or register todayWeb: mistieurope.com/training Email: training@mistieurope.com Tel: +44 (0)20 7779 8454

Enterprise Risk Management (ERM)Implementing, embedding and enhancing enterprise riskmanagement: Practical guide to optimising the role of internalauditors and risk managersLondon3 day course4 - 6 August 2010Course DirectorJenny RaynerJenny Rayner is an independent consultantand trainer specialising in riskmanagement, corporate governance andinternal audit.Course focus and featuresMany businesses have introduced risk management processes to meet growing corporategovernance requirements. But what if the risk management exists in name only so the box can beticked? What if the board and senior management team are not committed to it? What if thebusiness risk management process is ineffective or incomplete? What if the audit committee doesnot understand its critical role on business risk? How can internal auditors and risk managers helpto embed an effective enterprise-wide risk management process and contribute to its continuousimprovement?This highly interactive three-day course explores how internal auditors and risk managers can actas a catalyst for good risk management and can assist in embedding it and improving itseffectiveness. Participants will learn how they can add value at each stage of the risk managementprocess – from risk identification to monitoring and reporting – without, in internal audit’s case,compromising objectivity and independence.The course offers numerous practical tools, techniques and top tips for successful Enterprise RiskManagement, including demystifying risk appetite, managing threats and opportunities in parallel,innovative use of control risk self-assessment (CRSA) and the latest trends in risk reporting. Theimplications for internal auditors and risk managers of new and emerging risk areas such asgovernance, ethics, corporate responsibility, reputation, supply chain, outsourcing and project riskswill also be explored.Participants will learn through a combination of presentations, case studies, practical exercises anddiscussions and will take away sample documents, checklists and worked examples. During theseminar attendees will have the opportunity to develop a tailored action plan for their ownbusiness.Whether you have been charged with establishing an ERM framework for your organisation, wantto increase the effectiveness of the existing risk management process or wish to benchmark yourbusiness against emerging best practice, this is the course for you.Jenny delivers these services throughAbbey Consulting, which she establishedin 1999. She works with directors, seniormanagers, internal audit departments andrisk managers in the private and not-forprofitsectors to help them embrace bestpractice in governance and assurance andto manage risk positively to improvebusiness performance and enhancereputation. Abbey Consulting alsoconducts External Quality Assessments(EQAs) of internal audit functions.Prior to this, Jenny’s wide-ranging careerspanned over 20 years with ICI and Zeneca,in a variety of sales, marketing, purchasing,logistics, supply chain and generalbusiness management roles, latterly, as aChief Internal Auditor with ICI.Jenny writes and lectures extensively oninternal auditing, risk management,corporate governance, corporateresponsibility and reputation. Jenny wasfor four years Executive Editor of GeePublishing’s Business Risk Managementhandbook and was Joint Editor of Gee’sCorporate Social Responsibility Monitor.She is author of the study Risky Business:towards best practice in managingreputation risk (2001, Institute of BusinessEthics). Her latest book, ManagingReputational Risk: curbing threats,leveraging opportunities, was published byJohn Wiley in July 2003.Jenny chairs the NW District Committee ofthe Institute of Internal Auditors and chairsthe audit committee of a not-for-profitorganisation. She is also a member of theInstitute of Risk Management.© MIS Training 2010In-House Training - Save up to 50% when you run this course in-houseIn-house tailored training will enable you and your colleagues to make significant savings as we charge per day and not per participant so the costremains the same regardless of how many people attend. We can offer any of our public courses or tailor them to your requirements. Training is availablein all areas of Internal Audit, IT Audit, and IT Security.If you have six or more colleagues who would be interested in one of our courses and you would like to make significant savings, contact us now:Email Guy Cooper at gcooper@mistieurope.com or call +44 (0) 20 7779 8454You will have complete control of the training content and decide when it is run. We guarantee that we will be able to cater for all your business needs.

Who Should AttendChief Audit Executives, Internal Audit and Risk Management Heads, Risk Managers, Supervisors,Lead Auditors and Directors from private, public and not-for-profit sectors.Note: Highly experienced risk managers in businesses with well-established risk management systemsmay find the course content insufficiently advanced to be of major benefit.Prerequisite NoneLearning Level IntermediateFee GBP £1,995CPEs 22Day OneBuilding a solid foundationIntroduction and course objectivesRisk management unravelled• Risk, risk management and Enterprise RiskManagement (ERM) defined• The corporate governance and regulatorycontext• Investor and stakeholder pressures• Review of risk management standards andguidelines (including COSO ERM and thenew British and ISO standards)The core components of an ERM system• The risk management process: key steps• Risk language, risk registers and assessmentmethodologySample documents• Defining, establishing and communicatingrisk appetiteExercise• ERM hierarchy and reporting framework• Risk management strategy and policySample documentsRoles and responsibilities for ERM• The board and risk leadership• Audit and risk committeesSample terms of reference• Senior management• Employees• Key business partners• The risk management function• Internal auditInternal audit’s role in ERM• Implications of the IIA’s position statements• Internal audit’s and risk management’srespective rolesCase study• Maintaining independence and objectivity• The ‘dos’ and ‘don’ts’• Risk-based internal auditingDay TwoPromoting and enhancingenterprise risk managementDetermining what needs to be done• Understanding risk management maturityand effectiveness• Assessing the risk maturity of your businessExercise• The implications for internal auditors andrisk managers• Articulating your risk management vision –and the steps to achieve itIdentifying business risks• Risk categorisationSample risk categories• Risk identification: what works and whatdoesn’t• Handling threats and opportunities• Getting at strategic risksPESTLE analysis• Articulating risks to elicit action• Improving risk identificationAssessing and prioritising risks• importance of inherent and residual risk• Risk assessment methodologies for threatsand opportunities• Applying risk appetiteExercise• Multiple risk appetites and risk appetitehierarchies• Improving risk assessmentResponding to risks• Response options: the 4Ts (Tolerate, Treat,Transfer, Terminate)• Establishing an appropriate response• Ownership and action planning• Enhancing risk responsesMonitoring, reporting and assurance• The value of monitoring, reporting andassurance• Who should do what?Exercise• Establishing the best source/type ofassurance• Clarifying reporting lines• Reporting within the businessSample reporting formats• The latest developments in external riskdisclosureCase studyHints and hazards• Common ERM weaknesses• Top tips for successful ERM implementationDay ThreeMaintaining momentum andembedding ERMNew and emerging risk managementchallenges• Refreshing the business risk profile• Governance, strategic and ethics risks• Corporate responsibility and stakeholder risks• Reputational risksCase study• Supply chain and outsourcing risks• Project and programme risks• IT risk hotspotsThe business case for ERM: winning heartsand minds• Exploring the benefits – does ERM delivervalue?• Analysis of a disasterCase study• Gaining ‘buy in’ from non-believers• Dealing with objections and concernsRole playEmbedding risk management throughoutthe organisation• The importance of organisational culture• Encouraging everyone to be their own riskmanager• Innovative use of Control Risk Self-Assessment (CRSA): pros and cons• The power of risk workshopsTop facilitation tips• Integrating risk management withmanagement processes (KPIs, strategicplanning etc)• Early warning indicators and embeddedmonitorsPractical examples• The use of risk management softwareAdapting your approach as riskmanagement matures• Dealing with changing skills requirements• Flexible interaction with other assuranceproviders• Tools for assessing risk managementcapability and effectivenessSample assessment programmes• Modifying your relationship withmanagement and the board/audit committee• Measuring and reporting your ownperformance• Optimising and communicating your roleConclusions and action planning• Getting started: targeting quick wins• Next steps – your individual action planEnquire or register todayWeb: mistieurope.com/training Email: training@mistieurope.com Tel: +44 (0)20 7779 8454

The International Leaderin Audit and Information Security TrainingWhen registering please quote reference WEBRegistrationEnterprise Risk Management (ERM)4 - 6 August 2010, London (MT040802)GBP £1,995 (+ VAT @ 17.5%)Please register meCustomer InformationTitleFirst nameSurnameTitle/PositionOrganisationEU VAT Number (A copy of your tax certificate is also required)E-Mail Address (Required)AddressCountryTelephoneFaxPostcodeI have read and agree to the terms & conditionsPayment InformationYou can pay by credit/debit card online atwww.misteurope.com or call +44 (0)20 7779 8454Cheque enclosed (payable to MIS Training)Please invoice my company PO#Enterprise RiskManagement (ERM)Implementing, embedding and enhancing enterpriserisk management: Practical guide to optimising therole of internal auditors and risk managersLondon4 - 6 August 2010Can’t make this date?Contact us to find out when we are next running the eventWhy attend?• MIS Training Institute is the global leader in audit andinfosecurity training, with over 30 years experience and havingtrained over 200,000 delegates• MIS Training has been accredited by the British AccreditationCouncil (BAC). The BAC is recognised the world over andrepresents the clearest mark of educational quality. BAC isrecognised by the UK Border Agency• Instructors/speakers are the most reputable in the industry• Group sizes are restricted to ensure optimum contact time withthe facilitator• Gain CPE points towards your professional certification5 easy ways to registerTel +44 (0)20 7779 8454Fax +44 (0)20 7779 8293 (please complete this form)Email training@mistieurope.comWeb www.mistieurope.com/trainingPost Carlos Doughty, MIS Training, NestorHouse, Playhouse Yard, London EC4V 5EX UK(please complete this form)The information you provide will be safeguarded by theEuromoney Institutional Investor PLC group whosesubsidiaries may use it to keep you informed of relevantproducts and services. We occasionally allow reputablecompanies outside the Euromoney Institutional InvestorPLC group to contact you with details of products thatmay be of interest to you. As an international group wemay transfer your data on a global basis for the purposesindicated above. If you object to contact by telephonefax or email please tick the relevant box. If youdo not want us to share your information with otherreputable companies please tick this boxCancellation PolicyPlease ensure you have read this carefully before submitting your registration] MIS Training operates a 20 working day cancellation policy.Any cancellations received after 20 days or any delegate that does not attend will be subject to full payment. You may transfer to anothercourse/conference for a transfer fee of 25% of the initial booking fee plus the difference between the value of the course/conference youare transferred to. This will be invoiced or refunded. Please note that the replacement course/conference must take place within 6 monthsof the initial application. Alternatively you may send another colleague to the initial booked course/conference without incurring anyadditional fees.A full refund less an administration fee of £100 will be given for cancellation requests received up to 20 working days beforethe event. Cancellations must be made in writing and reach the MIS office before the 20 working days deadline.AccommodationAll training venues will be confirmed 3-4 weeksprior to the course start date. MIS TrainingInstitute has negotiated special accommodationrates in 4 star hotels in central London (Zone 1)for UK courses.VATAll delegates attending are liable to pay VAT. Overseas delegates can claim aVAT refund under the European Union (EU) 8th and 13th Directives on all eligiblebusiness expenses such as course fees, hotel accommodation, meals, car hire etc.,provided you are not registered for VAT in the UK. For more information pleasevisit www.mistieurope.com/VAT or email training@mistieurope.com.Enquire or register todayWeb: mistieurope.com/training Email: training@mistieurope.com Tel: +44 (0)20 7779 8454