One-Day Executive Overview of Using ISO 31000 to establish and manage Enterprise Risk Management (ERM)
Course Duration: 1-Day
Continuing Professional Education (CPE) Credit
Upon course completion, we will provide you with an achievement certificate for 8 continuing professional education (CPE) credits that can be used to fulfill requirements for maintaining a variety of professional credentials for fraud examination, accounting, auditing, and information security.
Risk assessment and management provide the foundation for internal controls management, as well as business continuity and disaster recovery management. After all, the Information Security Management System and the Business Continuity Management System exist purely to manage risk. This means that an ISMS and a BCMS can only be as good as the organization's ability to create, authorize, and practice a single consistent approach to assessing and treating risks. The ISO/IEC 27001 certification of an organization's Information Security Management System (ISMS) requires that all security methods and controls be driven by risk assessment as defined in an organization's formal documented risk management methodology. ISO 22301 certification of an organization's Business Continuity Management System (BCMS) requires the same.
Your business governors (Board Members), your risk committee, and your business leaders (business process owners) may not initially have the time to devote to the complete coverage of CIS Policy Workshop: ISO 31000 Enterprise Risk Management. This one-day subset session provides a concise introduction to Enterprise Risk Management as a concept, and how to use the ISO 31000 framework to:
- Learn how to prepare the organization to properly manage operational risks
- Compare and contrast ISO 27005, ISO 31000, and COSO risk management approaches
- Set up the Enterprise Risk Management program, policy, and team
- Learn how to properly scope your risk management program
- Establish formal roles and responsibilities to manage operational risk throughout the enterprise
- Establish risk context criteria for risk evaluation, business impact, and risk acceptance
This affordable executive overview session is also available as a private on-site engagement for groups of 10 or more participants. Please contact us for complete details.