Course Agenda

Agenda

September Online Course Agenda

Agenda timing is in BST
----------------------------------------------------
Session one - 2pm BST/ 9am EDT
Session two - 3.15pm BST/ 10.15am EDT
Session three - 4:15pm BST/11:15am EDT
End - 5.30pm BST/ 12.30pm EDT
----------------------------------------------------

14:0015:00

Operational risk management trends and top risks: what’s on the horizon?

14:00 - 15:00

  • Operational risk frameworks in the financial services 
  • Framework complete and maturity: the ORM pyramid
  • Exposure and vulnerabilities
  • Rising operational risks and market trends
  • Top risks survey
  • Class discussion and experience sharing: rising risks in organisations

15:0015:15

Break

15:00 - 15:15

15:1516:15

Actionable risk appetite

15:15 - 16:15

  • Industry guidance on risk appetite
  • Risk appetite, tolerance and limits
  • Structure of actionable risk appetite
  • Cascading risk appetite: RCSA & indicators
  • Top down and bottom up approaches to risk appetite
  • Class discussion and exercise: define a risk appetite statement for one or two of your top risks

16:1516:30

Break

15:00 - 15:15

16:3017:30

Preventive KRIs: a method

16:30 - 17:30

  • Selecting and designing KRIs step by step
  • Metrics of risk drivers
  • A typology of KRIs: exposure, stress, casual and failure
  • KRI design and reporting
  • Group work: attendees will have the opportunity to apply this method and share their findings with others in a guided exercise 

14:0015:15

Root cause analysis for KRI identification

15:15 - 16:15

  • Root cause analysis and lessons learnt from large incidents
  • Cause of the cause: the benefits
  • Bow tie tool: tracking common failures and systemic patterns
  • Root cause and risk prevention
  • Group work: apply a bow-tie analysis to one of your incidents and share the lessons learnt

15:0015:15

Break

15:00 - 15:15

15:1516:15

Process mapping and control design

14:00 - 15:00

  • Process mapping: highlights risk and controls at every step
  • KCIs: assessing controls, their existence, their effectiveness
  • Typology of controls
  • Typology of human error: the work of James Reason
  • Active and latent errors
  • Prevention by design
  • Group work: attendees will work on process mapping of relevant activities and share results with the class  

16:1516:30

Break

15:00 - 15:15

16:3017:30

KRIs for information security risks

15:15 - 16:15

  • Information security risk assessment method: case study
  • Key controls in information and cyber security
  • KRIs for information security: exposure, failures and stress indicators
  • Reporting and governance on KRIs
  • Reassess your current indicators and select appropriately

14:0015:00

KRIs for project risk management and validation

14:00 - 15:00

  • Project management and risk management involvement
  • KRIs for projects
  • Reporting on projects and changes
  • Testing KRIs: assess the validity of your indicators
  • Governance and around risk indicators
  • Class discussion and benchmarking: KRI definition and governance in different institutions

15:0015:15

Break

15:00 - 15:15

15:1516:15

Indicators for conduct and risk culture

15:15 - 16:15

  • Conduct and culture: metrics and behaviours
  • Case study of a conduct and culture change programme (2018)
  • Reporting on culture  
  • Other influences than KPIs