Certified Enterprise Risk Management Professional


The rise in the volume and complexity of risks facing organizations—whether from insider threats, cyberattacks, shooters, or brand damage—requires more effective risk avoidance, risk mitigation, risk transfer, and asset (human and physical) protection. Enterprise Risk Management (ERM) is a structured, proven process for proactively identifying and evaluating how events and forces of change impact an organization and its strategy, and for developing measures for dealing with the risks that constantly threaten the achievement of an organization’s objectives. Enterprise risk managers provide the leadership, innovation, and management necessary to identify, evaluate, manage, and monitor an organization’s portfolio of risks.

Professionals who employ methods and practices to anticipate, identify, and optimize business risks and create plans to minimize them are part of a growing, specialized field. Enroll for the Exam NOW!

Course Modules

Risk Fundamentals

  • What is Risk About?
  • Why implement ERM?
  • Foundations of Enterprise Risk Management
  • International Standards for ERM
  • ERM in Practical Terms
  • The ERM Funnel
  • The scope of ERM compared to existing risk management standards
  • What is the value proposition for implementing ERM?
  • The Role of Executive Management in ERM
  • Financial risk – Pricing risk, Asset risk, Currency risk, Liquidity risk
  • Operational risk – Customer satisfaction, Product failure, Integrity, Reputational risk; Internal Poaching; Knowledge drain
  • Strategic risks- Competition, Social trend, Capital availability
  • Explanation of the new ISO 31000 international risk standard
  • COSO Enterprise Risk Management – Integrated Framework
  • RIMS Risk Maturity Model

Risk Assessment

  • An overview of the global business and risk environment
  • Risk culture, appetite and tolerance
  • Neuro-economics and behavioral economics explanation of risk appetite
  • Organizational risk management
  • What is the relationship between risk assessment and risk management?
  • Types and sources of risk information
  • Risk identification techniques
  • Risk prioritization and rating, including quantitative assessment tools and techniques
  • Presenting and sharing risk assessment information
  • Risk Analysis Matrix
  • Delphi (expert analysis)
  • Ishikawa diagrams (fishbone analysis)
  • Root cause analysis
  • Failure mode and effect analysis (FMEA)
  • Decision Tree Analysis
  • Scenario planning
  • Monte Carlo analysis
  • Risk evaluation, problem solving and decision-making

Putting ERM Into Practice

  • Initiating a Structured, Disciplined Approach to Implementation
  • Implementation Options and Decisions
  • Building a Framework
  • Obtaining ERM Mandate and Commitment
  • Determining Risk Criteria
  • Risk Identification and Assessment
  • Methodology and Techniques
  • Identifying Risk Treatment/Responses
  • Evaluation and Selection Considerations
  • Risk Treatment/Response Options
  • When Risk Treatment Options Are Most Appropriate
  • Developing a Risk Treatment/Response Plan
  • Corporate governance models, risk oversight frameworks, internal control models, compliance, internal audit and assurance
  • Strategic planning and risk management, including the role of the board, audit and risk committees, and the Chief Risk Officer
  • Risk culture, business ethics and organizational change
  • Managing risk – the options
  • Management evaluation of mitigation controls
  • How to assess risk mitigation
  • Identification of risk exposures
  • Critical evaluation of exposures
  • Establishment of action plans
  • The nature and consequences of crises and the drivers for crisis management including business continuity, contingency planning and crisis preparedness
  • Learning lessons from the past, including root cause analysis
  • Building resilience
  • The core attributes of emerging and future risks, tools, techniques and models for predicting future risks
  • Decision making for the future

Who Can Sit for the Exam?

  • Enterprise Risk Managers
  • Strategic Advisors
  • Business Continuity Planners
  • Managers in Business Resiliency & Risk Reduction
  • Operational Risk Managers
  • Finance Executives
  • Human Resource Professionals
  • Executives on Non-Profits
  • Managers
  • Consultants
  • Internal and external auditors
  • Policy Makers
  • Sales and Marketing
  • Investors
  • Risk, audit and compliance
  • Quality Assurance
  • Strategic planners
  • Procurement and sourcing
  • Operations and logistics