Organizations today interact with a highly dynamic and changing world. The environment is unpredictable, volatile and every day more complex the organizational adaptation with the environment becomes complicated.
The intrinsic nature of the firm tries to coexist with the risk. The so-called “Enterprise Risk Management” is a broad and systematic approach to help companies to identify, measure, prioritize and be able to respond to the challenges posed by risks to the achievement of business objectives and related projects.
The “Enterprise Risk Management” is a process in which companies:
- They maintain a vision of the portfolio of the main risks that can distort the achievement of objectives of the different business units.
- They can mitigate the vital risks that could impede the achievement of business.
- They measure and attend to the interrelation of risks in the organization.
- They develop strategies to increase their competitiveness.
The “Enterprise Risk Management” benefits the company in several ways. Here are the more relevant:
- Increase profitability and organizational performance.
- It allows developing a broad and systematic view of risk and controls in the organization.
- Greater integration between corporate governance, risks and compliance.
Develop the skills to understand and manage a business risk management system in each company. Special emphasis will be placed on the development of a strategy for the start of a project to implement business risk management in a certain company.
The participant at the end of the workshop, will have developed the following skills:
- They will understand the role of senior management against Enterprise Risk Management.
- Know how is deployed in an organization, implementation of Enterprise Risk Management.
- They will understand all the requirements demanded by the ISO 31000:2018 standard, and the COSO approach.
- They will learn to develop a methodology to identify risks that interrupt the achievement of objectives.
- They will know the necessary techniques to be able to conduct a risk assessment in their organizations.
- They will know how to identify and select efficient and effective risk mitigation strategies.
Structure of the Program
Methodological Tools to Use:
- Class Dynamics: Explicit presentation of the content and the conceptual and technical aspects associated with each topic in PowerPoint format.
- Case Analysis and Reading Distribution: The conceptual explanations will be combined with the analysis of practical cases that will deepen the different aspects treated.
- Simulation Games: Simulation games are used that replicate real situations in companies when trying to handle projects Enterprise Risk Management.
Description of the Program Structure
>Fundamentals of Enterprise Risk Management
- What is Enterprise Risk Management.
- COSO methodology.
- ISO 31000:2018 Approach.
- Risks and business strategies.
- Role of senior management and Enterprise Risk Management.
- Simulation exercise: Design of a strategic risk committee.
- Foundations of risk in the COSO approach.
- Nature of operational control in COSO.
- Definition of risk management.
- Dynamics of the COSO cube.
- Steps to establish COSO in an organization.
- Risk strategy and appetite.
- Case: Risk analysis under COSO approach.
>ISO 31000:2018 Approach
- Nature of the model ISO 31000:2018.
- Understanding of ISO 31004:2013 as a model to implement ISO 31000:2018.
- Enterprise Risk Management and ISO 31000:2018.
- Development of organizational risk strategies for a company.
- Fundamentals of risk assessment: risk analysis and evaluation.
- Management of a risk treatment plan.
- Case: Use of ISO 31000:2018 in a company.
>Analysis and Risk Assessment in the Company
- Identification of potential threats, and organizational vulnerabilities.
- Model to carry out a risk analysis of the essential business processes.
- Identification of threat scenarios.
- Prioritization of threat scenarios.
- Case: Risk assessment.
>Enterprise Risk Management
- Methodology for the development of a strategy for Enterprise Risk Management.
- Organization of the methodology to be implemented.
- Documentation of a risk policy for a company.
- Organization of the strategic level for the Enterprise Risk Management.
- Review and monitoring of Enterprise Risk Management in the company.
- Organizational culture that supports risk management.
- Case: implementation of Enterprise Risk Management.
Each participant receives reading materials containing the presentation and complementary readings. This material will become a guide to implement Enterprise Risk Management in a specific company.
9:00 AM a 5:00 PM
16 hours (Two consecutive days)