Agenda

Course Programme

September Course Agenda

Agenda timing is in BST
----------------------------------------------------
Session one - 2pm BST/ 9am EDT
Session two - 3.15pm BST/ 10.15am EDT
Session three - 4:15pm BST/11:15am EDT
End - 5.30pm BST/ 12.30pm EDT
----------------------------------------------------

14:0015:00

Risk identification tools and emerging risks

14:00 - 15:57

  • Tools and techniques for risk identification
  • Exposures and vulnerabilities
  • The risk wheel
  • Value drivers and reverse stress testing
  • Risk register: a list
  • Risk connectivity: network of risks
  • World economic forum: risk map
  • Emerging risks
  • Class exercise: Identify the network of your top risks

15:0015:15

Break

15:00 - 15:30

15:1516:15

Root causes analysis - the bow-tie

15:15 - 16:15

  • Root cause analysis: tools and methods
  • Benefits of root cause analysis: tracking the common failures and systemic patterns
  • Treating causes over symptoms
  • Bow-tie: an effective tool to define preventive, corrective controls and leading KRIs
  • Risk likelihood and expected impact
  • Class exercise: apply the bow-tie to one of your incidents and share the lessons learnt

16:1516:30

Break

15:00 - 15:30

16:3017:30

Implementing ORM: the invisible framework

14:00 - 15:00

  • Governance of operational risk
  • 1st line and 2nd line : the partnership model
  • Use and reuse: the invisible framework
  • Business value of ORM
  • Workshop: build a business case for risk management

14:0015:00

Information security assessment and essentials of cyber protection

15:15 - 16:15

  • Information security risk management framework
  • Typology of information security risk
  • Information assets inventory
  • Risk assessments
  • Control layering and key controls for information security risks  
  • Scenarios and quantification

15:0015:15

Break

15:00 - 15:30

15:1516:15

Resilience, reputation and operational risk management for projects

14:00 - 15:00

  • Regulatory highlights on operational resilience and the connections with an effective reputational risk management framework
  • ORM policy for project management
  • Project rating criteria
  • Causes of project failure
  • Essentials of project risk management
  • Collaborations and benefits

16:1516:30

Break

15:00 - 15:30

16:3017:30

Risk reporting, conduct reporting and benchmarking your practices

15:15 - 16:15

  • Modern issues on events and risk reporting; the regulator’s view
  • Analysing operational risk data: get insight, tell a story
  • Management information: the reporting cake
  • Aggregate and escalate risk information: your options
  • Conduct reporting: themes and details
  • Highlights of best practice, group discussion and sharing of experiences
  • Interactive maturity criteria for your ORM framework and use test, plus a priority list for starter firms

14:0015:00

Resilience, reputation and operational risk management for projects

14:00 - 15:00

  • Regulatory highlights on operational resilience and the connections with an effective reputational risk management framework
  • ORM policy for project management
  • Project rating criteria
  • Causes of project failure
  • Essentials of project risk management
  • Collaborations and benefits

15:0015:15

Break

15:00 - 15:30

15:1516:15

Risk reporting, conduct reporting and benchmarking your practices

15:15 - 16:15

  • Modern issues on events and risk reporting; the regulator’s view
  • Analysing operational risk data: get insight, tell a story
  • Management information: the reporting cake
  • Aggregate and escalate risk information: your options
  • Conduct reporting: themes and details
  • Highlights of best practice, group discussion and sharing of experiences
  • Interactive maturity criteria for your ORM framework and use test, plus a priority list for starter firms