Course Objectives

By the end of the course, participants will be able to:

  • Identify internal and external changes that will create risks to the organization
  • Understand the relationship with the board of directors through governance and improve Risk-Based Decision Making (RBDM)
  • Influence internal controls by choosing the response to the risks identified
  • Classify risk categories in the organization and identify the right authorities to manage them
  • Analyze, assess and improve risk management practices within the organization

Course Outline


  • Risk perception
  • Why should we care about risk
  • Internal environment changes
  • External environment changes

Risk management and corporate governance

  • Introduction to corporate governance
  • GRC concept: governance, risk and compliance
  • GRC system: governance, risks and controls
  • Risk management as part of corporate governance
  • Governance failures
  • Risk-based decision making

Risk management and corporate control environment

  • Risk management’s influence on designing internal controls
  • Risk-based internal audit assessment of risk management performance

ERM and its evolution

  • ERM evolution
  • ERM benefits

ERM platform

  • Strategic approach
  • Operations and tactics
  • Business reporting
  • Compliance and process

Risk categories

  • Strategic risks
  • Reporting risks
  • Financial risks
  • Physical: life and safety risks
  • Compliance
    • Laws and regulations
    • Financial reporting standards


  • External environment: socioeconomic, regulations, technology and competition
  • Internal environment: structure, processes and culture

ERM components

  • Internal environment
  • Objectives setting
  • Event identification
  • Risk assessment
    • The black swan challenge
    • Quantitative versus qualitative analysis
  • Risk response
  • Control activities
  • Information and communication
  • Risk monitoring