Corporate Enterprise Risk Management for Security Personnels

Principles of Risk and Enterprise Risk Management
• Objectives & Governance, concepts & definitions
• Mapping and assessing Your current governance arrangements
• Commitment – Setting Your objectives for implementing the latest guidance
• Who are the internal and external stakeholders?
• The importance of culture, communication and behaviour in seeking an effective ERM structure
• An overview of the global post pandemic business environment
• Enterprise Risk Management – The Resilient Organisation

ISO 31004 – Designing the Framework for Managing ERM
• ERM framework and process
• ERM responsibilities – who does what, who is on the team
• ERM accountabilities and performance measures
• Compare Your current ERM to ISO31000:2009 principles
• Alignment between ERM policy and the organization
• Risk attitude: pursue, retain or avoid with respect to risk appetite and tolerance
• Options for risk criteria, assessment, identification, analysis and evaluation

Business Continuity Management Systems (BCMS)
• Fundamental principles of Business Continuity Management
• Implementation of a BCMS in accordance with ISO 22301 & 27031
• Business Impact Analysis (BIA) and Risk Assessment
• To understand the relationship between BCMS and the compliance with the other ERM requirements, including supply chain strategies
• Writing a business case and a project plan for the implementation of a BCMS
• Incident and emergency response management (including mutual aid)

Implementing Effective Enterprise Risk Management
• Resources and methodologies to implement The Plan
• Ensuring ERM becomes part of significant decision-making
• What are the likely barriers to implementation (risk culture)?
• Risk reporting & the limitations of various risk reporting tools & methodologies
• Assess the merits of quantitative risk modelling & qualitative reporting
• Align your risk reporting processes with other strategically important management activities, such as reputation management

Monitoring, Review and Continuous Improvement of the Framework
• Key risk indicators (KRI´s)
• Continuous improvements, running your own team-based risk workshops
• Collate risk and control information from multiple sources into a central risk register or inventory of risk information system
• Controls register or inventory of controls (The “Five Ws”)
• Understand feedback provided to you by those you communicate with and take on board “lessons learnt”