Client-Specific, Operational Risk Management

Download Report

Transcript Client-Specific, Operational Risk Management

Client-Specific, Operational Risk Management, SolutionBuilding Workshops
The following pages show a list of workshops that
may be provided individually
or as a twenty-five day curriculum that may
be spread over one-year period
The workshop delivery is client-specific.
A client briefing will be held approximately one week prior to
starting the workshop so that specific areas of interest
and concern to the client enterprise may be addressed during the workshop
The location is on the client-site or a client-selected external location.
The course components may be used as a ‘shopping list’. A single workshop,
a number, or the whole course may be selected
The courses are charged at the facilitator’s daily fee rate. Participant numbers
are at the discretion of the client but may range from one-person
mentoring sessions, to twenty-person syndicated workshops.
(Larger numbers will utilise two facilitators)
The Board–level structured discussion, in its two-hour format
(Please see over)
will be delivered free of charge should a client elect to take the entire
NT Hoppé
Governance, Risk & Resilience
Knowledge Transfer
NT Hoppé
Governance, Risk & Resilience
Knowledge Transfer
Operational Risk Management Workshops
(Primary Management Issues & Solutions)
1. 21st Century Operational Risk Management
(options) 2hrs/ Half-Day/1 Day
Director and senior risk management-level structured discussion
- Establishing the ORM scope, component parts, relationships, interfaces and framework
- Developing an operational risk management (ORM) strategy and transformation programme
2. Organisation, Methods, Terms of Reference & Reporting
3 Days
- Three lines of defence SWOT
- ORM21, A methodology for applying and transforming ORM across an enterprise
- ORM Assurance across the Extended Enterprise
- How to; Assess, Measure, Monitor and Assure
- The ORM Framework
- Approach, Attitude Management & Risk Culture
- Brand Protection, ‘normally’ and as part of incident management
- Relationships with Legal, Compliance, Audit, Insurance and others
3. Risk Reviews & Assessment
4. Reputation Risk Management (with the Reputation Consultancy Ltd)
2 Days +
Reputation risk assessment and risk registers
Assurance across the Extended Enterprise
‘Normal’ management, and during change and incidents
Social media and Big Data analysis
Choice from four half-day workshops covering specific issues
5. Building a “Policy House”
2 Days
Risk Assessment Methods
Project Risk Assessment and Governance
Contribution of Key Risk Indicators, Key Performance Indicators and Key Control Indicators
ORM and Stress Testing
2 Days
Scoping and developing Policy, Practices, Standards & Procedures
How to develop a visible, cohesive structure of mandated controls
Guidelines, promotion, implementation and sustainability
6. Extended Enterprise/Outsource Risk Management
2 Days
- The Boundary of Control and the breadth and depth of the extended enterprise
- Internal, External, Offshore and Chain Outsourcing
- The extended ORM framework
- ORM Assurance outside the boundary of control
7. Asset Risk Classification
- Classification and Assessment
- The Classification Cube Model and its Implementation
- The Classification Project
[email protected]
1 Day
NT Hoppé
Governance, Risk & Resilience
Knowledge Transfer
Operational Risk Management Workshops
(Key Risk Areas: How to Manage, Measure and Assure Them)
1. Assuring Resilience and Continuity
- Planning, Analysis and Comparison
- Corporate resilience governance and assurance
- Establishing an incident management and recovery capability
- Scenario testing
2 Days
2. Information Risk Management
- Information Risk as a strategic issue
- Tope down, three-level sub-framework
- Relationship with Information Technology Security and Information Security
- Records Retention Risk Management
- Privacy & Data Protection
- Intellectual Property Protection
2 Days
3. Process Risk Management
- Process Risk Assessment and Analysis
- Converging pure process risk management with other KRAs
- Process risk governance across the extended enterprise
- Process Risk Management and quality assurance
- Classification, measurement and reporting
1 Day
4. Project Risk Management
- Blending with Six Sigma and Project Management Methodologies
- Setting up the function for project approval, conduct and termination
1 Day
5. Malfeasance Management
(Protection and investigation of deliberate acts against the organisation)
- Developing and implementing a counter-malfeasance function
- Investigations, Research, Operations & Oversight
- Developing a proactive approach; Intelligence, Big Data and Supporting Structures
1 Day
6. Human Resource (HR) Risk Management
(Protecting the organisation and its business from its people)
- Recruitment risk management
- Continuing HR risk assessment
- Risk management in personnel termination and downsizing projects
- Industrial relations monitoring
- Risk training and communications
1 Day
7. Personnel Protection & Physical Asset Protection
(Protecting the organisation’s people from the organisation)
- Health & Safety when and wherever at work
- Travel security, protection from and management of kidnap for ransom incidents
- Property protection
- Protective and detective systems
2 Days
8. Organisation & Operations with Other Risk and Control Functions
The strength of relationship and formal network with:
- Insured Risk, Legal Risk, Regulation & Compliance, Audit, Quality etc.
1 Day
9. Operational Risk Measurement
- Key risk, performance and control indicators: What they are, how to use them, how to
report them and how to forecast using them
- Development and when to use ORM scorecards, heat-maps and footprints
- Stress testing ORM, and within the firm-wide tests
1.5 Days