Places are limited to 30 so sign up quickly to avoid disappointment.
- internationally renowned GRC pundit
- a blueprint for effective risk management
- stunning venue
Risk is pervasive throughout business strategies, operations, and processes. Siloed approaches to risk management leave the organization not seeing the big picture of risk. The reaction is often to centralize risk management which forces different areas of the organization into a one-size fits all risk management model that fails to adequately manage and monitor risk. Defining strategy, managing operations, and addressing organization change requires the ability to provide meaningful risk information for decision-making for boards, executives, GRC professionals, as well as the line of business.
Benefits to attendees:
- Understand a top-down as well as a bottom-up approach to risk management
- Implement risk management in the context of business strategy, process, and operations
- Explore different risk management architecture models and how they apply to your organization
- Discover various risk management techniques and how they apply to your business
- Develop a risk information architecture that aligns with business operations and processes
- Effectively communicate risk across your organizations
As business becomes increasingly complex in a changing business and risk environment – that struggles with growing regulations, globalization, and distributed operations – organizations need a blueprint for effective, efficient and agile risk management. This requires organizations to design risk management into the organization as an integrated part of strategy and operations supported by an integrated risk information architecture that allows organizations to have a 360° situational awareness of risk in context of business strategy and operations.
This workshop aims to provide a blueprint for attendees on effective risk management strategies in a dynamic business and risk environment. Attendees will learn risk management strategies and techniques that can be applied to enterprise and operational risk management strategies as well as departmental focused risk initiatives. Learning is done through lectures, collaboration with peers, and workshop tasks.
Michael Rasmussen – The GRC Pundit @ GRC 20/20 Research, Michael Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC) – with specific expertise on the topics of GRC strategy, process, information, and technology architectures and solutions. With 23+ years of experience, Michael helps organizations improve GRC processes, design and implement GRC architectures, and select solutions that are effective, efficient, and agile. He is a sought-after keynote speaker, author, and advisor and is noted as the “Father of GRC” — being the first to define and model the GRC market in February 2002 while at Forrester Research, Inc.
Part 1: What is Risk?
Understanding Risk in the Context of the Organization
- Different views of risk throughout the organization
- Who owns risk?
- Understanding risk and its role in business strategy, objectives, performances, and operations
Part 2: Federated Risk Management
Blueprint for Risk Management Collaboration and Strategy
- Developing a risk committee (or herding cats), bringing together the range of risk roles in the organization
- Defining a risk management charter
- Developing a collaborative and enterprise view of risk
Part 3: Risk Management Process Lifecycle
- Integrated Processes to Identify, Analyze, Manage, and Communicate Risk
- Risk identification – Collaborative process to identify risk from both the bottom and the top
- Risk analysis – Understanding and contrasting risk assessment & analysis techniques
- Risk management – Strategies to mitigate and reduce risk
- Risk communication – Assign and manage risk ownership and accountability
Part 4: Risk Management Information & Technology Architecture
Providing an Integrated View of Risk to the Enterprise Without Losing Value to the Department
- Developing a risk taxonomy and attributes of risk and risk ranking
- Addressing risk normalization and aggregation for enterprise risk reporting
- Monitoring risk in a changing environment
- Technology capabilities and considerations to support risk management