Protecht

In this course, David Tattam, Chief Research and Content Officer at Protecht, covers essential risk management concepts and provides practical training on how Line 1 can excel in their role and contribute to effective risk management.

For risk management to be effective, it needs to be embedded as part of day-to-day activities – not something separate.

In this training we cover the role of Line 1 in risk management, what ‘Line 1’ really means, the key risk management processes Line 1 may be involved in, and the skills and behaviours required to achieve organisational objectives.

Course description: 1. Defining Your Role as Line 1, 2. Why do we need risk management?, 3. Objectives of Risk Management, 4. Understanding Risk, 5. Understanding Controls, 6. How to Manage Risks, 7. When Do We Manage Risks

Course expectations: Watch 23 videos | Answer 5 knowledge questions | 1 x Interactive example Timings: 3 hours of video content | 3.5-4 hours for the whole course Cost:  RiskNZ Members: $490+GST | Non-member: $562+GST Next steps: Register Via: [email protected], Receive Invoice, Payment, Set-up with Log In To Course

** Download Full Course Protecht PDF Risk Management for Line 1

Board members play a critical role in ensuring sustainable success in their organisation – which can only be achieved through intelligent risk taking and effective governance.

In this course, David Tattam, Chief Research and Content Officer at Protecht, provides directors and board members the knowledge and skills to both work with and provide challenge to executive management on the effectiveness of risk frameworks, processes and culture within their organisation.

The course distinguishes between the oversight responsibilities of the board and the day-to-day practices of management, enabling boards to discharge their oversight responsibilities while understanding ‘what good looks like’.

Course description: 1. Who is responsible for risk management?, 2. The value of risk management, 3. Understanding risks, 4. Understanding controls, 5. Risk management frameworks, 6. Board risk management processes, 7. Board risk appetite, 8. Organisational risk management processes, 9. Risk reporting, 10. Cadence of risk management, 11. Risk culture and behaviours

Course expectations: Watch 18 videos | Answer 5 knowledge questions | Answer 10 quiz questions Timings: 3 hours of video content | 3.5-4 hours for the whole course Cost: RiskNZ Members: $490+GST | Non-member: $562+GST Next steps: Register Via: [email protected], Receive Invoice, Payment, Set-up with Log In To Course

** Download Full Course PDF: Risk Management for Boards

In this course, David Tattam, Chief Research and Content Officer at Protecht, provides an introduction to Enterprise Risk Management (ERM), and the value that it brings to an organisation when it is well designed and put into practice.

ERM is all about managing the full range of enterprise risks in a consistent, common, and integrated way so as you deliver a complete aggregated view of risk across the organisation. The key is moving from a siloed, risk and business area centric view of risk to one that is truly enterprise wide.

This course provides the complete jigsaw puzzle that is ERM, covering in a practical way, the elements that make up a strong ERM capability from Governance, People and Culture, Escalation and Reporting and Continuous Improvement, through to a focus on all of the typical systems and processes that need to be in place. These include Risk Assessment, Risk Metrics, Incident Management, Controls Assurance, Issues and Actions Management and Compliance.

The course will build an ERM ecosystem that sets out the complete picture of practical ERM to enable you to develop a blueprint in order to benchmark your current framework and capabilities and assist you in developing your strategy for your Enterprise Risk Management going into the next decade.

Course description: 1. What is ERM?, 2. The value of ERM, 3. Understanding risk and controls, 4. An enterprise risk management framework, 5. The risk management framework components, 6. ERM Governance, 7. Processes and systems, 8. Escalation, reporting and response, 9. Continuous improvement, 10. People & culture

Course expectations: Watch 27 videos |Answer 13 knowledge questions |Answer 10 quiz questions Timings: 3.5 hours of video content |4-5 hours for the whole course Cost: RiskNZ Members: $875+GST | Non-member: $1000+GST Next steps: Register Via: [email protected], Receive Invoice, Payment, Set-up with Log In To Course

** Download Full Course PDF: Enterprise Risk Management – Bringing it To Life

In this course, David Tattam, Chief Research and Content Officer at Protecht, provides an introduction to the principles of bow tie analysis, leading into hands-on exercises in creating risk bow ties.

Bow tie and root cause analysis are the keys to the effective and proactive management of risk. Prevention is better than cure and prevention comes from managing risk at its source, the root causes. In addition, root cause analysis applied to incident management allows us to understand where things went wrong, to identify the issues and develop actions to remediate.

This course provides you with a detailed working knowledge of the risk bow tie analysis technique and its application in not only root cause analysis but in providing a wider and more intimate knowledge of your risks. Risk bow ties should be at the centre of everything we do in risk management.

The deep analysis of risk using risk bow tie will also be used to develop clear risk taxonomies and ensure risk descriptions are clear and consistent.

Course overview: 1. The case for bow tie analysis – what are its uses?, 2. Nature and components of risk and bow tie analysis, 3. Various risk analysis techniques, 4. A history of bow ties, 5. The principles of bow tie analysis, 6. The methods of bow tie analysis, 7. The methods of root cause analysis, 8. Use cases for bow tie and root causes, 9. Who should use the techniques?, 10. When should the techniques be used?

Course expectations: Watch 31 videos | Answer 14 knowledge questions | Complete 3 interactive bow ties |Answer 10 quiz questions Timings: 3 hours 30 minutes of video content |4-5 hours for the whole course Cost: RiskNZ Members: $875+GST | Non-member: $1000+GST Next steps: Register Via: [email protected], Receive Invoice, Payment, Set-up with Log In To Course

** Download Full Course PDF: Risk Bow Tie and Root Cause Analysis

In this course, David Tattam, Chief Research and Content Officer at Protecht, focuses on improving knowledge and skills in relation to setting risk appetite and tolerance for your organisation’s key risks.

The setting of an organisation’s risk appetite is a critical component of a robust risk management framework.

By the end of this course, you will gain insights into how to develop a comprehensive Risk Appetite Framework and Risk Appetite Statement for your organisation.

Course overview: 1. The uses and value of risk appetite, 2. What risk appetite is and what it means, 3. Determining risks to set appetite, 4. Articulating risk appetite, 5. Appetite articulation and appetite evaluation zones, 6. Setting appetite and tolerance for outcomes and risks, 7. Using the likelihood and impact matrix, 8. Setting risk tolerances for financial and non-financial risks, 9. The risk appetite statement, 10. Operationalising the risk appetite, 11. Risk reporting using the risk appetite, 12. Responsibilities for risk appetite, 13. When risk appetite is revised

Course expectations: Watch 23 videos | Answer 4 knowledge questions |Complete 1 interactive risk appetite test | Answer 10 quiz questions Timings: 3 hours of video content | Approximately 4 hours for the whole course Cost: RiskNZ Members: $875+GST | Non-member: $1000+GST Next steps: Register Via: [email protected], Receive Invoice, Payment, Set-up with Log In To Course

** Download Full Course PDF:  Risk Appetite Statements and Frameworks

In this course, David Tattam, Chief Research and Content Officer at Protecht, covers all aspects of the RCSA process from design and implementation through to carrying out assessments, reporting results and creating follow up actions.

The course is aimed at risk practitioners and business managers who have, or are looking to implement, a robust and comprehensive Risk & Control Self Assessment (RCSA) process within their organisation. It considers the RCSA process both as a stand-alone process and as part of an integrated Enterprise Risk Management framework.

The course applies the ISO 31000 and 31010 standards.

Course overview: 1. Objectives & purpose of RCSA, 2. What are we assessing – risks, 3. What are we assessing – controls, 4. Risk & control taxonomies, 5. Risk management & RCSA frameworks, 6. Approaches to risk assessment, 7. RCSA methods, 8. RCSA process, 9. RCSA reporting, 10. When should risk assessment be carried out?, 11. Roles and responsibilities

Course expectations: Watch 25 videos | Answer 12 knowledge questions | Complete 1 Interactive Risk Assessment Forecast | Answer 10 quiz questions Timings: 4.5 hours of video content | Approximately 5-6 hours for the whole course Cost: RiskNZ Members: $875+GST | Non-member: $1000+GST Next steps: Register Via: [email protected], Receive Invoice, Payment, Set-up with Log In To Course

** Download Full Course PDF:  Risk & Control Self-Assessment

Your internal control framework and individual controls are the front line in managing your risks, yet they are often misunderstood, neglected and operating inefficiently and ineffectively.

This course presented by David Tattam, Chief Research and Content Officer at Protecht, is focused on providing a deep understanding of controls to enable optimally designed controls to be implemented to achieve maximum effect for minimum cost.

Once we are comfortable that we have a well-designed controls framework, we need to gain assurance that our key controls are working effectively. Having a robust controls assurance function is key.

The course will take you through best practice in controls assurance to allow you to benchmark your existing process or assist in building an effective and efficient function.

Course overview: 1. The purpose and value of controls and controls management, 2. What are risks, treatments and controls?, 3. Types of controls and control frameworks, 4. How controls modify risk, 5. Measuring controls, 6. Control objectives, 7. Designing effective controls, 8. Operating effective controls, 9. Control assurance, 10. Controls assessment, 11. Issues & actions, 12. Controls reporting, 13. Control ownership and culture

Course expectations: Watch 25 videos | Answer 9 knowledge questions | Answer 10 quiz questions | 4 downloadable materials Timings: 4 hours of video content | Approximately 5 hours for the whole course Cost: RiskNZ Members: $875+GST | Non-member: $1000+GST Next steps: Register Via: [email protected], Receive Invoice, Payment, Set-up with Log In To Course

** Download Full Course PDF:  Protecht Controls Design and Assurance

This course, presented by David Tattam, Chief Research and Content Officer at Protecht, covers both Compliance Management and Compliance Risk Management.

The focus is on the development of an efficient risk-based approach to compliance management and what that means in practice from recording compliance obligations to setting up a risk-based approach to monitoring compliance. The management of compliance risk is also covered using an ERM framework.

The course also covers the ISO 37301 standard and aligns the concepts to this standard.

Course overview: 1. Why we need compliance management, 2. What is compliance management and compliance risk management?, 3. What are compliance obligations?, 4. Compliance risk and compliance controls, 5. Compliance management, 6. Compliance change management, 7. Compliance risk management, 8. Risk appetite for compliance, 9. Compliance risk assessment, 10. Risk metrics for compliance risks, 11. Compliance controls management, 12. Compliance incident management, 13. Compliance reporting, 14. Compliance roles and responsibilities

Course expectations: Watch 16 videos | Answer 9 knowledge questions | Answer 10 quiz questions | 5 downloadable materials Timings: 4.5 hours of video content | approximately 5 hours for the whole course Cost: RiskNZ Members: $875+GST | Non-member: $1000+GST Next steps: Register Via: [email protected], Receive Invoice, Payment, Set-up with Log In To Course

** Download Full Course PDF: Compliance Management and Compliance Risk Management

The measurement of risk greatly assists in its management, yet the measurement of particularly non-financial risk is providing elusive. Risk metrics are the key.

David Tattam, Chief Research and Content Officer at Protecht, presents this practical course aimed at risk practitioners and business managers who have implemented or are looking to implement, a robust and comprehensive Key Risk Indicator capability within their organisation.

The course covers all aspects of setting up, running and developing KRI processes that can be used both as an essential component of the overall risk management framework as well as a powerful tool to assist management in the day-to-day control of the business.

Course overview: 1. Objectives of risk metrics, 2. What are risk metrics, 3. What are risks and controls, 4. Types of risk metrics, 5. Identifying relevant and strong metrics, 6. Setting up risk metrics, 7. A risk metrics process, 8. Reporting risk metrics, 9. How to use risk metrics, 10. Roles and responsibilities for risk metrics

Course expectations: Watch 12 videos |3 downloadable materials | Answer 10 quiz questions Timings: 4 hours of video content |Approximately 5 hours for the whole course Cost:  RiskNZ Members: $875+GST | Non-member: $1000+GST Next steps: Register Via: [email protected], Receive Invoice, Payment, Set-up with Log In To Course

** Download Full Course PDF: Risk Metrics and Key Risk Indicators

This course is aimed at risk practitioners who want to embed effective risk culture and conduct in their organizations. In addition to insights on how it can be measured, monitored and managed, we cover why culture is an important driver for sustainable performance and therefore is a key focus for regulators.

This course explores the relationship between culture and conduct, and particularly risk culture. It provides risk practitioners with tools to consciously design desirable culture and conduct and evaluate gaps that need to be bridged. We cover who is responsible for setting and embedding desired culture, and how it influences organizational decision-making.

Course Overview: 1. Why we need to manage culture and conduct, 2. What is culture and conduct risk, and risk culture?, 3. Drivers of risk culture and conduct, 4. Features of strong risk culture, 5. Regulatory Requirements and Guidance, 6. Setting Desired Culture and Conduct, 7. Measuring and Monitoring Culture and Risk Culture, 8. Managing Culture and Conduct Risk, 9. Decision Making Process as a Key Management Tool, 10. Reporting on Culture and Conduct, 11. Who is Responsible for Managing Culture and Conduct?, 12. The Future of Culture and Conduct Risk Management

Course expectations: Watch 13 videos |Access 9 downloadable materials |Answer 10 quiz questions Timings: 3 hours of video content | Approximately 4 hours for the whole course Cost: RiskNZ Members: $875+GST | Non-member: $1000+GST  Next steps: Register Via: [email protected], Receive Invoice, Payment, Set-up with Log In To Course

** Download Full Course PDF: Culture and Conduct Risk Management

This course is aimed at risk practitioners and business managers who are responsible for building and managing third party risk management (TPRM) frameworks and processes in their organization.

This course details the key processes you will need to develop and how to adapt them to your organization. It also acknowledges that TPRM is not as simple as introducing a set of processes. We explore governance and roles and responsibilities, and how TPRM should be integrated into broader risk management capabilities of the organization. We cover how you can monitor and measure third party risks as well as performance of your TPRM program.

You will develop the skills and tools needed to implement a comprehensive and effective TPRM framework.

Course Overview: 1. Defining Third Party Risk Management, 2. Drivers of Third Party Risk Management, 3. What Are We Managing? Third Party Risks, 4. A TPRM Framework and Process, 5. Onboarding and Tiering, 6. Ongoing Monitoring and Risk Management, 7. Offboarding, 8. Reporting for TPRM, 9. Practical Steps to Implement Your TPRM Program, 10. Integrating TPRM and ERM, 11. Overcoming Challenges in Your TPRM Program, 12. Who Manages TPRM?, 13. When is TPRM Carried Out?

Course expectations: Watch 13 videos |Access 14 downloadable materials | Answer 10 quiz questions Timings: 3 hours of video content |Approximately 4 hours for the whole course Cost: RiskNZ Members: $875+GST | Non-member: $1000+GST

Next steps: Register Via: [email protected], Receive Invoice, Payment, Set-up with Log In To Course

** Download Full Course PDF: Third Party Risk Management

This course is aimed at risk practitioners who want to gain an understanding of risks associated with strategy, projects and change with an in-depth look into the tools to analyze these risks.

In this course, we cover the different stages of strategic decisions, from the upfront decision, execution of projects, and final delivery into operations. We consider the different stages of risk throughout these transitions, and provide tools and techniques to integrate strategic and project risks into a broader risk framework.

We walk through the process of future risk assessments to ensure that not only is the project executed well, but that surprises are not delivered in new operating models.

Course Overview: 1. The need for better strategic & project risk management 2. Understanding the risk in strategy and change 3. Strategic decision risk 4. Risk-based decision making 5. Strategic Execution Risk 6. Strategic Delivered Risk 7. Strategic & Project Risk as Part of Enterprise Risk Management 8. Risk Appetite for Strategic, Project and Delivered Risk 9. Managing Strategic and Project Risk 10. Responsibilities and Governance Structures 11. When Strategic & Project Risk Management is practiced

Course expectations: Watch 11 videos | Access 11 downloadable materials | Answer 4 knowledge tests |Review 1 case study | 2 x Interactive examples | Answer 10 quiz questions

Timings: 3.5 hours of video content | Approximately 4.5 hours for the whole course

Cost: RiskNZ Members: $875+GST | Non-member: $1000+GST

Next steps: Register Via: [email protected], Receive Invoice, Payment, Set-up with Log In To Course

** Download Full Course PDF: Strategic and Project Risk Management

The difference between a well-managed or poorly executed incident process can have a significant impact on outcomes.

This course, presented by David Tattam, Chief Research and Content Officer at Protecht, is aimed at risk practitioners wanting to gain an understanding of what a risk incident is and what the different types of incident are, thereby gaining awareness of the processes required to manage an incident well.

It provides guidance on how to develop an incident management process that can be managed from initial identification through to closure. It includes how to integrate your incident management processes into other enterprise risk management to enable integrated risk reporting and assurance. You will gain the ability to analyse an incident using bow tie analysis to address weaknesses and identify improvements to avoid it happening again.

Course description: 1. Objectives of incident management, 2. Defining incidents, 3. Key steps in managing incidents, 4. Defining the incident management process, 5. Standards for incident management, 6. Root cause analysis, 7. Incident management as part of enterprise risk management, 8. Incident reporting, 9. When to carry out incident management, 10. Roles and responsibilities

Course expectations: Timings: 3 hours of video content | Approximately 4 hours for the whole course

Cost:  RiskNZ Members: $875+GST | Non-member: $1000+GST

Next steps: Register Via: [email protected], Receive Invoice, Payment, Set-up with Log In To Course

** Download Full Course PDF: Incident Management

This course is aimed at risk practitioners and business managers who are responsible for building operational resilience in their organisation. It breaks down what it means to be operationally resilient, and lays out practical steps you can take to understand business operations in order to pursue resilience strategies, and test your organisation’s capability to remain resilient under operational disruption and stress.

The course leverages the extensive guidance issued to date by financial services regulators around the world (including the FCA, PRA, Basel, ECB, Fed and APRA) – however, it takes a principles and outcome based approach, and can be applied to any sector or region. This guidance is used as a base for introducing a comprehensive, practical and efficient resilience methodology which leverages from, and integrates with, your existing ERM framework, including business continuity management (BCM), recovery and contingency plans, stress testing and capital management capabilities.

Our trainers David Tattam (Chief Research & Content Officer), Michael Howell (Research & Content Lead), and Hela Ebrahimi (Senior Risk Consultant) focus on developing a methodology you can use to achieve operational resilience while aligning with existing risk management processes in your organisation.

Course description: 1. Defining operational resilience, 2. What disruptions are we managing?, 3. An operational resilience framework, 4. An operational resilience framework, 5. Identifying stakeholders and objectives, 6. Identifying critical operations, 7. Setting tolerance levels, 8. Mapping your critical operations, 9. Assessing health of resources, 10. Scenario scoping and testing, 11. Issues and actions management, 12. Reporting on operational resilience, 13. Integrating operational resilience and enterprise risk management, 14. Roles and responsibilities, 15. When is operational resilience performed?

Course expectations: Watch 16 videos | Answer 10 quiz questions |Access 11 downloadable materials

Timings: 3 hours of video content | Approximately 4 hours for the whole course

Cost:  RiskNZ Members: $875+GST | Non-member: $1000+GST

Next steps: Register Via: [email protected], Receive Invoice, Payment, Set-up with Log In To Course

** Download Full Course PDF: Operational Resilience

Course Overview: Artificial intelligence holds extraordinary potential to transform how organizations operate and deliver value to stakeholders—but only if it is governed and managed effectively. Whether you are a risk professional integrating AI into enterprise frameworks or a technology leader responsible for AI initiatives, this course equips you with the structures, processes, and tools to harness innovation safely and confidently.

Through relatable stories, real-world examples and case studies, you’ll learn how to design and implement AI governance, integrate AI risk into your enterprise risk management processes, and apply controls that protect your organization while enabling opportunity. We cover the full AI lifecycle—from strategy and design, to deployment, monitoring, and continual improvement—ensuring you can provide assurance to both internal and external stakeholders that AI is used responsibly.

Our trainers David Tattam – Chief Research & Content Officer, Michael Howell – Head of Risk Research & Knowledge provide you with a complete, ready-to-use toolkit to embed robust AI governance and risk management in your organisation, aligned with emerging regulations, industry standards, and best practice.

Course description: 1. The Need for AI Governance and Risk Management, 2. Defining AI, 3. Defining AI Risks, 4. Defining AI Controls, 5. AI Governance and Risk Management Frameworks & Processes, 6. AI Risk Appetite, 7. AI Governance & AI Policy, 8. AI Risk Assessment, 9. AI Risk Metrics, 10. AI Controls, 11. 11. AI Governance & Risk Management Reporting, 12. Integrating with Enterprise Risk Management, 13. Responsibility for AI Governance & Risk Management

Cost: RiskNZ Members: $875+GST | Non-member: $1000+GST

Course Overview: Cyber and information security are no longer just technical issues, they are critical business risks that demand enterprise-wide management. This course bridges the gap between cybersecurity frameworks and enterprise risk management, helping you connect your cyber controls, assurance, and governance practices to your broader organisational risk objectives. Whether you’re a cyber leader seeking to align with risk frameworks, or a risk professional expanding into the cyber domain, this course will give you the clarity and confidence to bring the two worlds together.

Through relatable stories, real-world examples, and practical tools, you’ll learn how to design and implement cyber risk management processes that integrate seamlessly with your enterprise risk management framework. We’ll cover the key components of cyber and information security management—from frameworks and governance, to metrics, incident response, and risk appetite—equipping you to provide meaningful assurance and insight to executives and boards.

Our trainers David Tattam – Chief Research & Content Officer, Michael Howell – Head of Risk Research & Knowledge, and Michael Franklin – Cyber Security Lead guide you through Protecht’s approach to managing cyber risk within an enterprise context. You’ll finish with a complete, ready-to-use toolkit to embed effective cyber risk management, align with standards such as ISO 31000 and NIST, and drive a culture of informed risk-taking—not risk avoidance—across your organisation.

Course Description – In this course, you’ll learn: 1. The Need for Cyber Risk Management, 2. Defining Cyber Risk, 3. Defining Cyber Risk Controls 4. Cyber Risk Management Frameworks & Processes 5. Cyber Risk Appetite, 6. Cyber Risk Assessment, 7. Measuring Cyber Risk, 8. Cyber Risk Metrics, 9. Cyber Controls Management, 10. Cyber Incident & Crisis Management, 11. Issues and Action Management, 12. Reporting & Communication, 13. Integrating with Enterprise Risk Management, 14. Responsibilities for Cyber Risk Management

Cost: RiskNZ Members: $875+GST | Non-member: $1000+GST