Protecht

In this course, David Tattam, Chief Research and Content Officer at Protecht, covers essential risk management concepts and provides practical training on how Line 1 can excel in their role and contribute to effective risk management.

For risk management to be effective, it needs to be embedded as part of day-to-day activities – not something separate.

In this training we cover the role of Line 1 in risk management, what ‘Line 1’ really means, the key risk management processes Line 1 may be involved in, and the skills and behaviours required to achieve organisational objectives.

Course description:

1. Defining Your Role as Line 1

2. Why do we need risk management?

3. Objectives of Risk Management

4. Understanding Risk

5. Understanding Controls

6. How to Manage Risks

7. When Do We Manage Risks

Course expectations: Watch 23 videos | Answer 5 knowledge questions | 1 x Interactive example

Timings: 3 hours of video content | 3.5-4 hours for the whole course

Cost:  RiskNZ Members: $490+GST | Non-member: $562+GST

Next steps: Register Via: [email protected], Receive Invoice, Payment, Set-up with Log In To Course

** Download Full Course PDF: Risk Management for Line 1-1

Board members play a critical role in ensuring sustainable success in their organisation – which can only be achieved through intelligent risk taking and effective governance.

In this course, David Tattam, Chief Research and Content Officer at Protecht, provides directors and board members the knowledge and skills to both work with and provide challenge to executive management on the effectiveness of risk frameworks, processes and culture within their organisation.

The course distinguishes between the oversight responsibilities of the board and the day-to-day practices of management, enabling boards to discharge their oversight responsibilities while understanding ‘what good looks like’.

Course description:

1. Who is responsible for risk management?

2. The value of risk management

3. Understanding risks

4. Understanding controls

5. Risk management frameworks

6. Board risk management processes

7. Board risk appetite

8. Organisational risk management processes

9. Risk reporting

10. Cadence of risk management

11. Risk culture and behaviours

Course expectations: Watch 18 videos | Answer 5 knowledge questions | Answer 10 quiz questions

Timings: 3 hours of video content | 3.5-4 hours for the whole course

Cost: RiskNZ Members: $490+GST | Non-member: $562+GST

Next steps: Register Via: [email protected], Receive Invoice, Payment, Set-up with Log In To Course

** Download Full Course PDF: Risk Management for Boards

In this course, David Tattam, Chief Research and Content Officer at Protecht, provides an introduction to Enterprise Risk Management (ERM), and the value that it brings to an organisation when it is well designed and put into practice.

ERM is all about managing the full range of enterprise risks in a consistent, common, and integrated way so as you deliver a complete aggregated view of risk across the organisation. The key is moving from a siloed, risk and business area centric view of risk to one that is truly enterprise wide.

This course provides the complete jigsaw puzzle that is ERM, covering in a practical way, the elements that make up a strong ERM capability from Governance, People and Culture, Escalation and Reporting and Continuous Improvement, through to a focus on all of the typical systems and processes that need to be in place. These include Risk Assessment, Risk Metrics, Incident Management, Controls Assurance, Issues and Actions Management and Compliance.

The course will build an ERM ecosystem that sets out the complete picture of practical ERM to enable you to develop a blueprint in order to benchmark your current framework and capabilities and assist you in developing your strategy for your Enterprise Risk Management going into the next decade.

Course description:

1. What is ERM?

2. The value of ERM

3. Understanding risk and controls

4. An enterprise risk management framework

5. The risk management framework components

6. ERM Governance

7. Processes and systems

8. Escalation, reporting and response

9. Continuous improvement

10. People & culture

Course expectations: Watch 27 videos |Answer 13 knowledge questions |Answer 10 quiz questions

Timings: 3.5 hours of video content |4-5 hours for the whole course

Cost: RiskNZ Members: $875+GST | Non-member: $1000+GST

Next steps: Register Via: [email protected], Receive Invoice, Payment, Set-up with Log In To Course

** Download Full Course PDF: Enterprise Risk Management – Bringing it To Life

In this course, David Tattam, Chief Research and Content Officer at Protecht, provides an introduction to the principles of bow tie analysis, leading into hands-on exercises in creating risk bow ties.

Bow tie and root cause analysis are the keys to the effective and proactive management of risk. Prevention is better than cure and prevention comes from managing risk at its source, the root causes. In addition, root cause analysis applied to incident management allows us to understand where things went wrong, to identify the issues and develop actions to remediate.

This course provides you with a detailed working knowledge of the risk bow tie analysis technique and its application in not only root cause analysis but in providing a wider and more intimate knowledge of your risks. Risk bow ties should be at the centre of everything we do in risk management.

The deep analysis of risk using risk bow tie will also be used to develop clear risk taxonomies and ensure risk descriptions are clear and consistent.

Course overview:

In this course, you’ll learn:

1. The case for bow tie analysis – what are its uses?

2. Nature and components of risk and bow tie analysis

3. Various risk analysis techniques

4. A history of bow ties

5. The principles of bow tie analysis

6. The methods of bow tie analysis

7. The methods of root cause analysis

8. Use cases for bow tie and root causes

9. Who should use the techniques?

10. When should the techniques be used?

Course expectations: Watch 31 videos | Answer 14 knowledge questions | Complete 3 interactive bow ties |Answer 10 quiz questions

Timings: 3 hours 30 minutes of video content |4-5 hours for the whole course

Cost: RiskNZ Members: $875+GST | Non-member: $1000+GST

Next steps: Register Via: [email protected], Receive Invoice, Payment, Set-up with Log In To Course

** Download Full Course PDF: Risk Bow Tie and Root Cause Analysis

In this course, David Tattam, Chief Research and Content Officer at Protecht, focuses on improving knowledge and skills in relation to setting risk appetite and tolerance for your organisation’s key risks.

The setting of an organisation’s risk appetite is a critical component of a robust risk management framework.

By the end of this course, you will gain insights into how to develop a comprehensive Risk Appetite Framework and Risk Appetite Statement for your organisation.

Course overview:

1. The uses and value of risk appetite

2. What risk appetite is and what it means

4. Determining risks to set appetite for

5. Articulating risk appetite

6. Appetite articulation and appetite evaluation zones

7. Setting appetite and tolerance for outcomes and risks

8. Using the likelihood and impact matrix

9. Setting risk tolerances for financial and non-financial risks

10. The risk appetite statement

11. Operationalising the risk appetite

12. Risk reporting using the risk appetite

13. Responsibilities for risk appetite

14. When risk appetite is revised

Course expectations: Watch 23 videos | Answer 4 knowledge questions |Complete 1 interactive risk appetite test | Answer 10 quiz questions

Timings: 3 hours of video content | Approximately 4 hours for the whole course

Cost: RiskNZ Members: $875+GST | Non-member: $1000+GST

Next steps: Register Via: [email protected], Receive Invoice, Payment, Set-up with Log In To Course

** Download Full Course PDF:  Risk Appetite Statements and Frameworks

In this course, David Tattam, Chief Research and Content Officer at Protecht, covers all aspects of the RCSA process from design and implementation through to carrying out assessments, reporting results and creating follow up actions.

The course is aimed at risk practitioners and business managers who have, or are looking to implement, a robust and comprehensive Risk & Control Self Assessment (RCSA) process within their organisation. It considers the RCSA process both as a stand-alone process and as part of an integrated Enterprise Risk Management framework.

The course applies the ISO 31000 and 31010 standards.

Course overview:

1. Objectives & purpose of RCSA

2. What are we assessing – risks

3. What are we assessing – controls

4. Risk & control taxonomies

5. Risk management & RCSA frameworks

6. Approaches to risk assessment

7. RCSA methods

8. RCSA process

9. RCSA reporting

10. When should risk assessment be carried out?

11. Roles and responsibilities

Learning objectives:

• An in-depth understanding of the objectives and outcomes of a robust RCSA process
• An understanding of how the RCSA process integrates into an enterprise risk management framework and how the results of RCSA can be used in scenario analysis, key risk indicators, incident management and compliance
• The ability to design an effective and efficient RCSA process
• The ability to set relevant risk scoring scales to reflect risk appetite and tolerance
• The ability to produce meaningful reports as output from the RCSA process
• How to use the RCSA in risk and general management
• How to use RCSA results to develop risk treatment improvements
• An appreciation of the system requirements and system pitfalls for an effective RCSA process
• The skills to be able to carry out effective and engaging RCSA workshops
• An understanding of the pitfalls to a successful RCSA process and how to overcome them
• An understanding of relevant external guidance and requirements including ISO 31000 and ISO 31010

Course expectations: Watch 25 videos | Answer 12 knowledge questions | Complete 1 Interactive Risk Assessment Forecast | Answer 10 quiz questions

Timings: 4.5 hours of video content | Approximately 5-6 hours for the whole course

Cost: RiskNZ Members: $875+GST | Non-member: $1000+GST

Next steps: Register Via: [email protected], Receive Invoice, Payment, Set-up with Log In To Course

** Download Full Course PDF:  Risk and Control Self-Assessment

Your internal control framework and individual controls are the front line in managing your risks, yet they are often misunderstood, neglected and operating inefficiently and ineffectively.

This course presented by David Tattam, Chief Research and Content Officer at Protecht, is focused on providing a deep understanding of controls to enable optimally designed controls to be implemented to achieve maximum effect for minimum cost.

Once we are comfortable that we have a well-designed controls framework, we need to gain assurance that our key controls are working effectively. Having a robust controls assurance function is key.

The course will take you through best practice in controls assurance to allow you to benchmark your existing process or assist in building an effective and efficient function.

Course overview:

1. The purpose and value of controls and controls management

2. What are risks, treatments and controls?

3. Types of controls and control frameworks

4. How controls modify risk

5. Measuring controls

6. Control objectives

7. Designing effective controls

8. Operating effective controls

9. Control assurance

10. Controls assessment

11. Issues & actions

12. Controls reporting

13. Control ownership and culture

Course expectations: Watch 25 videos | Answer 9 knowledge questions | Answer 10 quiz questions | 4 downloadable materials

Timings: 4 hours of video content | Approximately 5 hours for the whole course

Cost: RiskNZ Members: $875+GST | Non-member: $1000+GST

Next steps: Register Via: [email protected], Receive Invoice, Payment, Set-up with Log In To Course

** Download Full Course PDF:  Controls design and assurance

This course, presented by David Tattam, Chief Research and Content Officer at Protecht, covers both Compliance Management and Compliance Risk Management.

The focus is on the development of an efficient risk-based approach to compliance management and what that means in practice from recording compliance obligations to setting up a risk-based approach to monitoring compliance. The management of compliance risk is also covered using an ERM framework.

The course also covers the ISO 37301 standard and aligns the concepts to this standard.

Course overview:

1. Why we need compliance management

2. What is compliance management and compliance risk management?

3. What are compliance obligations?

4. Compliance risk and compliance controls

5. Compliance management

6. Compliance change management

7. Compliance risk management

8. Risk appetite for compliance

9. Compliance risk assessment

10. Risk metrics for compliance risks

11. Compliance controls management

12. Compliance incident management

13. Compliance reporting

14. Compliance roles and responsibilities

Course expectations: Watch 16 videos | Answer 9 knowledge questions | Answer 10 quiz questions | 5 downloadable materials

Timings: 4.5 hours of video content | Approximately 5 hours for the whole course

Cost: RiskNZ Members: $875+GST | Non-member: $1000+GST

Next steps: Register Via: [email protected], Receive Invoice, Payment, Set-up with Log In To Course

** Download Full Course PDF: Compliance management and compliance risk management

The measurement of risk greatly assists in its management, yet the measurement of particularly non-financial risk is providing elusive. Risk metrics are the key.

David Tattam, Chief Research and Content Officer at Protecht, presents this practical course aimed at risk practitioners and business managers who have implemented or are looking to implement, a robust and comprehensive Key Risk Indicator capability within their organisation.

The course covers all aspects of setting up, running and developing KRI processes that can be used both as an essential component of the overall risk management framework as well as a powerful tool to assist management in the day-to-day control of the business.

Course overview:

1. Objectives of risk metrics

2. What are risk metrics

3. What are risks and controls

4. Types of risk metrics

5. Identifying relevant and strong metrics

6. Setting up risk metrics

7. A risk metrics process

8. Reporting risk metrics

9. How to use risk metrics

10. Roles and responsibilities for risk metrics

Course expectations: Watch 12 videos |3 downloadable materials | Answer 10 quiz questions

Timings: 4 hours of video content |Approximately 5 hours for the whole course

Cost:  RiskNZ Members: $875+GST | Non-member: $1000+GST

Next steps: Register Via: [email protected], Receive Invoice, Payment, Set-up with Log In To Course

** Download Full Course PDF: Risk metrics and Key Risk Indicators 

This course is aimed at risk practitioners who want to embed effective risk culture and conduct in their organizations. In addition to insights on how it can be measured, monitored and managed, we cover why culture is an important driver for sustainable performance and therefore is a key focus for regulators.

This course explores the relationship between culture and conduct, and particularly risk culture. It provides risk practitioners with tools to consciously design desirable culture and conduct and evaluate gaps that need to be bridged. We cover who is responsible for setting and embedding desired culture, and how it influences organizational decision-making.

Course Overview:

1. Why we need to manage culture and conduct

2. What is culture and conduct risk, and risk culture?

3. Drivers of risk culture and conduct

4. Features of strong risk culture

5. Regulatory Requirements and Guidance

6. Setting Desired Culture and Conduct

7. Measuring and Monitoring Culture and Risk Culture

8. Managing Culture and Conduct Risk

9. Decision Making Process as a Key Management Tool

10. Reporting on Culture and Conduct

11. Who is Responsible for Managing Culture and Conduct?

12. The Future of Culture and Conduct Risk Management

Course expectations: Watch 13 videos |Access 9 downloadable materials |Answer 10 quiz questions

Timings: 3 hours of video content | Approximately 4 hours for the whole course

Cost: RiskNZ Members: $875+GST | Non-member: $1000+GST

Next steps: Register Via: [email protected], Receive Invoice, Payment, Set-up with Log In To Course

** Download Full Course PDF: Culture & Conduct Risk Management

This course is aimed at risk practitioners and business managers who are responsible for building and managing third party risk management (TPRM) frameworks and processes in their organization.

This course details the key processes you will need to develop and how to adapt them to your organization. It also acknowledges that TPRM is not as simple as introducing a set of processes. We explore governance and roles and responsibilities, and how TPRM should be integrated into broader risk management capabilities of the organization. We cover how you can monitor and measure third party risks as well as performance of your TPRM program.

You will develop the skills and tools needed to implement a comprehensive and effective TPRM framework.

Course Overview:

1. Defining Third Party Risk Management

2. Drivers of Third Party Risk Management

3. What Are We Managing? Third Party Risks

4. A TPRM Framework and Process

5. Onboarding and Tiering

6. Ongoing Monitoring and Risk Management

7. Offboarding

8. Reporting for TPRM

9. Practical Steps to Implement Your TPRM Program

10. Integrating TPRM and ERM

11. Overcoming Challenges in Your TPRM Program

12. Who Manages TPRM?

13. When is TPRM Carried Out?

Course expectations: Watch 13 videos |Access 14 downloadable materials | Answer 10 quiz questions

Timings: 3 hours of video content |Approximately 4 hours for the whole course

Cost: RiskNZ Members: $875+GST | Non-member: $1000+GST

Next steps: Register Via: [email protected], Receive Invoice, Payment, Set-up with Log In To Course

** Download Full Course PDF: Third Party Risk Management

This course is aimed at risk practitioners who want to gain an understanding of risks associated with strategy, projects and change with an in-depth look into the tools to analyze these risks.

In this course, we cover the different stages of strategic decisions, from the upfront decision, execution of projects, and final delivery into operations. We consider the different stages of risk throughout these transitions, and provide tools and techniques to integrate strategic and project risks into a broader risk framework.

We walk through the process of future risk assessments to ensure that not only is the project executed well, but that surprises are not delivered in new operating models.

Course Overview:

1. The need for better strategic & project risk management

2. Understanding the risk in strategy and change

3. Strategic decision risk

4. Risk-based decision making

5. Strategic Execution Risk

6. Strategic Delivered Risk

7. Strategic & Project Risk as Part of Enterprise Risk Management

8. Risk Appetite for Strategic, Project and Delivered Risk

9. Managing Strategic and Project Risk

10. Responsibilities and Governance Structures

11. When Strategic & Project Risk Management is practiced

Course expectations: Watch 11 videos | Access 11 downloadable materials | Answer 4 knowledge tests |Review 1 case study | 2 x Interactive examples | Answer 10 quiz questions

Timings: 3.5 hours of video content | Approximately 4.5 hours for the whole course

Cost: RiskNZ Members: $490+GST | Non-member: $562+GST

Next steps: Register Via: [email protected], Receive Invoice, Payment, Set-up with Log In To Course

** Download Full Course PDF: Strategic & Project Risk Management

The difference between a well-managed or poorly executed incident process can have a significant impact on outcomes.

This course, presented by David Tattam, Chief Research and Content Officer at Protecht, is aimed at risk practitioners wanting to gain an understanding of what a risk incident is and what the different types of incident are, thereby gaining awareness of the processes required to manage an incident well.

It provides guidance on how to develop an incident management process that can be managed from initial identification through to closure. It includes how to integrate your incident management processes into other enterprise risk management to enable integrated risk reporting and assurance. You will gain the ability to analyse an incident using bow tie analysis to address weaknesses and identify improvements to avoid it happening again.

Course description:

In this course, you’ll learn:

1. Objectives of incident management

2. Defining incidents

3. Key steps in managing incidents

4. Defining the incident management process

5. Standards for incident management

6. Root cause analysis

7. Incident management as part of enterprise risk management

8. Incident reporting

9. When to carry out incident management

10.    Roles and responsibilities

Course expectations:

Timings: 3 hours of video content | Approximately 4 hours for the whole course

Cost:  RiskNZ Members: $875+GST | Non-member: $1000+GST

Next steps: Register Via: [email protected], Receive Invoice, Payment, Set-up with Log In To Course

** Download Full Course PDF: Incident management

This course is aimed at risk practitioners and business managers who are responsible for building operational resilience in their organisation. It breaks down what it means to be operationally resilient, and lays out practical steps you can take to understand business operations in order to pursue resilience strategies, and test your organisation’s capability to remain resilient under operational disruption and stress.

The course leverages the extensive guidance issued to date by financial services regulators around the world (including the FCA, PRA, Basel, ECB, Fed and APRA) – however, it takes a principles and outcome based approach, and can be applied to any sector or region. This guidance is used as a base for introducing a comprehensive, practical and efficient resilience methodology which leverages from, and integrates with, your existing ERM framework, including business continuity management (BCM), recovery and contingency plans, stress testing and capital management capabilities.

Our trainers David Tattam (Chief Research & Content Officer), Michael Howell (Research & Content Lead), and Hela Ebrahimi (Senior Risk Consultant) focus on developing a methodology you can use to achieve operational resilience while aligning with existing risk management processes in your organisation.

Course description:

In this course, you’ll learn:

1. Defining operational resilience

2. What disruptions are we managing?

3. An operational resilience framework

4. An operational resilience framework

5. Identifying stakeholders and objectives

6. Identifying critical operations

7. Setting tolerance levels

8. Mapping your critical operations

9. Assessing health of resources

10. Scenario scoping and testing

11. Issues and actions management

12. Reporting on operational resilience

13. Integrating operational resilience and enterprise risk management

14. Roles and responsibilities

15. When is operational resilience performed?

Course expectations: Watch 16 videos | Answer 10 quiz questions |Access 11 downloadable materials

Timings: 3 hours of video content | Approximately 4 hours for the whole course

Cost:  RiskNZ Members: $875+GST | Non-member: $1000+GST

Next steps: Register Via: [email protected], Receive Invoice, Payment, Set-up with Log In To Course

** Download Full Course PDF: Operational resilience

• The difference between impact assessment and risk assessment
• Key considerations for an impact assessment
• Integrating impact assessment into risk assessment

• Understanding risk and control using bow ties
• Assessing level of risk using qualitative, semi-quantitative or quantitative approaches

• Mapping controls you apply to external frameworks and standards
• Challenges and approaches to mapping multiple frameworks

• Importance of Control objectives
• Assessing design effectiveness
• Assessing operating effectiveness