Governance NZ

Enterprise Risk Management

This course covers the basic concepts of Enterprise Risk Management (ERM) and important elements executives and personnel need to be aware of when implementing ERM across their company.

In a world of doing more at a faster pace and ever-changing technology and businesses, organisations both large and small, are either taking on through changes outside of their control (e.g. legislation or regulation), or are absorbing increasing levels of risk.

Therefore, it’s important to align risk strategies with the overall risk management and internal control activities. The inability to do this may place the organisation at risk. With many organisations unable to employ ERM specialists or engage consultants, it falls to executives to try to fill this knowledge gap.

ERM is an initiative important to all aspects of the work undertaken by the executive and board. Mitigating risks, including those in the financial, operational and compliance operations of an organisation allows a range of benefits to be accrued including: increased competitive advantage, increased likelihood of achieving strategic objectives and ability to meet increased societal and stakeholder expectations, improved governance and increased likelihood of meeting regulatory and compliance expectations.

On the satisfactory completion of this course, you will come away with a fuller understanding of ERM, how it fits in most companies and how, and what you can do to make sure ERM works well and effectively protects your company without stifling growth.

What will you learn?

The aim of this subject is to develop an enhanced knowledge of ERM practices to assist the board, or other governing body, to determine its strategic responsibility for risk-taking; demonstrate an understanding of how different risks operate within the context of existing enterprise management frameworks; formulate the organisation’s attitude and policy to risk appetite; tolerance for key individual risks and ensure clear lines of accountability.

The key learning you will undertake includes how to:

  • Understand and apply the foundations, concepts, frameworks and principles of enterprise risk management
  • Quantify and explain the intersections between enterprise risk management, governance and corporate social responsibility
  • Critically apply methods for the development, enhancement and sustainment of robust risk culture supported by enterprise risk management
  • Manage, critically appraise and report to relevant stakeholders, the organisation’s exposure to and treatment of risk and the key risks that could undermine its people, assets, operations, strategy, reputation or long-term viability

Risk in context

  • The nature of risk
  • Risk, strategy and objectives
  • Risk, governance and assurance
  • Risk at the enterprise level
  • ERM standards and guidelines
  • Risk types and categories

  • Opportunity and adversity risk
  • Risk hierarchy
  • Conventional risk categories
  • Risk policy and leadership

  • The board and management
  • Risk appetite and tolerance
  • Risk policy and oversight

  • Risk disciplines and perspectives

  • Risk, innovation and growth
  • Risk and harm avoidance
  • High reliability organisations
  • Emerging risk perspectives

    ERM in practice
  • Developing a basic ERM model
  • Risk aggregation — a portfolio view of risk
  • Risk assessment process
  • Assurance
  • ERM and business decision-making

  • ERM, governance and reputation

  • ERM and governance
  • ERM and critical stakeholders
  • Compliance and ERM
  • Reputation: The ultimate risk?

  • ERM: Social and Organisational Context

  • Risk and organisational culture
  • Ethics and crisis management

  • The benefits of ERM

  • The business case for ERM
  • International trends
  • Case studies in ERM
  • How to measure and evaluate the benefits of ERM
  • Integrating ERM with other initiatives

  • Emerging risks

  • What are emerging risks?
  • ‘Slow boil’ versus ‘big bang’
  • Global risks
  • Case studies

  • ERM documentation and reporting

  • Risk reporting
  • Risk registers
  • Risk matrices and maps
  • Risk dashboards
  • ERM documentation and reporting in practice

  • ERM: Current issues

  • ERM and rapid change
  • Complexity and ERM
  • ERM and organisational maturity