During the Covid-19 armada, we ran our programs virtually using Zoom or MS Teams. And this new normal has been quite effective, delivering stellar results. Our clients across the globe are quite happy with what we are doing, and doing really well. Our programs run both on weekdays and weekends to suit the needs of everyone. Our in-house or in-plant programs are also conducted virtually. Our weekend programs [ i.e., every Saturday] commence at 10am [ West Africa Time] while week days commence at 9.am prompt [ also West Africa Time]. We have now commenced in-person training programs as well . On timing, we are very flexible as well. Our overarching goal is to work within your timeframe/convenience. For further details/clarification, please send to us an email [info@theriskacademy.org] or call: 08021003297; 07034248767; 09071941111. Because we care.
Certified Operational Risk Professional
CORP
Accredited by the CPD Accreditation Group, London
24 CPD CREDITS [ACCREDITATION #: 1006407]
LECTURES/EXAM PREPARATION FEE-$450 OR N250,000
This RMA CORP certification has been designed for all staff in organizations who wish to develop their ability to manage operational risk in their functions.
For staff in the operational risk management function, this certificate would enable the individual demonstration a practical and professional understanding of operational risk environment in the organization. It would also help prepare the holders for higher responsibilities within the industry.
The certificate is also very important for senior managers with an operational risk oversight role. The certificate is based on ISO 31000: 2009 Risk Management Principles/ Guidelines, Basel Accords and the COSO framework.
The syllabus covers all aspects of operational risk management process, modeling and stress testing. The Examination is in two stages: Stage One [ fundamentals] and Stage 2 [ Advanced].
Course Modules
- Module 1
- Module 2
- Module 3
- Module 4
- Module 5
- Module 6
Emerging risks, Conduct and Risk Culture
- Risk identification tools and emerging risks
- Tools and techniques for risk identification
- Exposures and Vulnerabilities
- The Risk Wheel
- Value drivers and reverse stress testing
- Risk register: a list
- Risk connectivity: network of risks
- World economic forum: risk map
- Emerging risks
Implementing ORM: The Invisible Framework
- Governance of Operational Risk
- 1st line and 2d line: The partnership model
- Use and reuse: The Invisible Framework
- Business value of ORM
Risk Reporting and Conduct Reporting
- Modern issues on events and risk reporting: the regulator’s view
- Analysing operational risk data: get insight, tell a story
- Management information: the “reporting cake”
- Aggregate and escalate risk information: your options
- Conduct reporting: themes and details
- Highlights of best practice, Group discussion and sharing of experience
Defining Risk Culture
- Acting on behaviours: the Influencer
- Necessary conditions: willingness and ability
- Risk Culture: DESIRE steps: Define – Inspire – Support – Enable – Reinforce – Evaluate
- Assessing the risk culture
Risk Appetite, Internal Controls and KRIs
Defining Risk Appetite statements and tolerance limits
- Industry guidance on Risk Appetite
- Risk appetite, tolerance, risk limits and controls
- Templates and options for actionable Risk Appetite
- Risk Appetite Statements: Features and Examples
- Cascading Risk Appetite: RCSA & Indicators
- KRI and risks limits
- Slips and mistakes: Typology and causes of human errors
- HRA: Human Reliability Analysis and other methods
- Understand and treat the causes of human error
- Effective or Illusory controls
- Prevention by Design
Root causes analysis – the bow-tie
- Root cause analysis: tool and method
- Benefits of root cause analysis: tracking the common failures and systematic patterns
- Treating causes over symptoms
- Bow-tie: a most effective tool to define
- Preventive and corrective controls
- Leading KRIs
- Risk likelihood and expected impact
Features of leading KRIs
- KRI, KPI, KCI: definitions and uses.
- A typology of Key Risks indicators
- KRIs: metrics of risks drivers
Cyber Security, Scenario Analysis and Project Risks
Cyber threats and information security
- Cyber threat landscape
- An old emerging risk
- Key controls in cyber security
- Physical and behavioural measures
- Priorities in prevention
- Lessons learnt from some incidents
Scenario Analysis: Governance, Stress testing and Assessment methods
- Four dimensions of stress-testing
- Steps and governance of scenario analysis
- Tackling behavioral biases in scenario assessment
- Industry practices and lists of scenarios
- Assessing probabilities of rare events
- Acting on Scenario Analysis
Reorganisation risk and project management
- Risk due to changes and re-organisations
- The trap of cost-cutting
- Invisible opportunity costs
- Essentials of project risk management
Key Risk Indicators
What are Key Risk Indicators?
How are they different from Key Performance Indicators?
Relationship to KPIs
Common challenges
KRIs as leading indicators
Root cause events
Intermediate events
KRI Framework
Risk Appetite
Defining and maintaining a KRI framework
Selecting KRIs
Setting thresholds
Monitoring and reassessing KRIs
Identifying and Investing KRIs
Escalating Exceptions
Linking objectives and strategies to risks
Contribution of objectives, strategies and potential risks
KRIs as a strategic management tool
Proactively addressing emerging risks
Relationship to Enterprise Risk Management
Common Mistakes
Core Elements of Well-Designed KRIs
Common KRIs for financial firms
Communication and Reporting
Role of the board
Procedures and policies
Communicating the value proposition of KRIs
Preventive KRIs
Selecting and designing KRI steps by step
Metrics of risk drivers
A typology of KRIs: Exposure, stress, casual and failure
KRI design and reporting
Root cause analysis for KRI identification
Root cause analysis and lessons learn from large incidents
Cause of the cause: the benefits
Bow tie tool: tracking common failures and systematic patterns
Root cause and risk prevention
Process mapping and control design
Process mapping: Highlights risk and controls at every step
KCIs: Assessing controls: Their existence, their effectiveness
Typology of controls
Typology of human error: the work of James Reason
Active and latent errors
Prevention by design
KRI for information security risks
Information security risk assessment method: case study
Key controls in information and cyber security
KRIs for information security: exposure, failures and stress indicators
Reporting & Governance on KRI
Reassess your current indicators and select appropriately
KRIs for project risk management & validation
Project management and risk management involvement
KRI for projects
Reporting on projects and changes
Testing KRIs: assess the validity of your indicators
Governance around risk indicators
Indicators for conduct and risk culture
Conduct and Culture: metrics and behaviours
Risk & Control Self-Assessment
OVERALL FRAMEWORK FOR MANAGING ENTERPRISE RISK
Revisiting risks and controls —what are we assessing?
The risk Bow Tie: Causes, Events and Impacts
A risk framework and where RCSA fits
Inherent, Residual, Expected and Targeted Risk
Treatment methods and control effectiveness
Understanding likelihood and impact drivers
DEFINING RISK & CONTROL SELF ASSESSMENT (RCSA)
Objectives of RCSA
What is RCSA?
The importance of linking RCSA to strategy and objectives
The various approaches to RCSA
THE STEPS IN AN RCSA PROCESS
Identifying business and process objectives
Identifying critical processes
Identifying risks
Identifying controls
Assessing risks: Inherent and residual
Assessing the effectiveness of controls
Creating escalations, follow-ups and action plans
RCSA INPUTS
Determining what to assess
Identifying risks
Risk descriptions: what are the rules?
Identifying treatment methods
Types of Control
Likelihood and impact scales
Setting likelihood scales: What measure?
Setting impact scales: How many types of impact?
RCSA PROCESSES
Linking risks to objectives and critical processes
Linking risks to causes and impacts
Linking risks to controls
Assessing the size of risk
Is inherent risk useful and can it be determined?
Cumulative and aggregated control effectiveness
Determining treatment/control improvements
SETTING UP AN RCSA FOR COMPLETION
Deciding on participants
Background information
Carrying out an initial assessment
Carrying out periodic assessment updates
Towards continuous assessment
RCSA REPORTING
Types of report
Information to report
Including RCSA in an aggregated dashboard report
Interpreting reports
USING RCSA
Escalations and notifications
As a risk monitoring and management tool
As a benchmarking tool
As a driver of behaviour
RCSA IN AN INTEGRATED RISK MANAGEMENT PROCESS
Linking RCSA to KRIs, Compliance, Incident Management, Issues and Action Tracking
Obtaining business engagement
THE FUTURE OF RCSA
Maximising the value from the RCSA process
The main pitfalls and how to overcome them
Who Can Sit for the Exam?
- Managers and officers in operational risk management function
- Process and business owners
- Team Leaders
- Holders of the CRMP certificate issued by RMA
- Enterprise Risk Managers
- Operational Risk Managers
- Operations Managers
- Internal Auditors
- HR officers
- Compliance officers
- Consultants
- Regulators
- All staff in an organisation
Enroll for Exam
If you are ready to take the certification exam, click the button below to enrol now.