Udemy Business

Teach on Udemy

Turn what you know into an opportunity and reach millions around the world.

Learn More

Your cart is empty.

Keep shopping

Introduction to Risk Management

Name: Introduction to Risk Management
Rating: 4.1 (157 reviews)

Learn how to manage risks for business success.

Created byAdrian Resag, QIAL, CMIIA, CIA, CRMA, CFSA, GRCP, IAAP, CIMA Adv Dip MA

Last updated 6/2023

English

What you'll learn

The basics (and intermediate knowledge) of operational risk management.
Understand the role of Risk Management in the management of an organization’s risks.
How to put in place Enterprise Risk Management (ERM) in your organization.
Risk Management tools and techniques.
Learn how to apply governance structures and frameworks over the management of risks in an organization.
Know how to assess the governance framework in place.
Know different measures for evaluating risks, how risk and control self-assessments are performed.
Know how the monitoring of risks and the risk management system should be performed.
Know how to use risk management maturity models in your organization.
What you need to know to perform proper audits of risk management.

Course content

4 sections • 112 lectures • 7h 29m total length

Evolution of Risk Management5:59
Explore how internal audits support enterprise risk management, moving from traditional insurance-based risk control to integrated goals-driven identification. Focus on decision making under uncertainty and spotting opportunities across the organization.
Definition of Risk Management1:43
Risk Management vs ERM8:07
Explore the differences between risk management and enterprise risk management, comparing risk-averse mitigation focus with ERM's organization-wide resilience, governance, interrelated risks, and risk appetite.
ERM Top-down Model3:05
Risk Management Strategy Across An Organization3:39
ERM Documentation3:41
COSO ERM2:10
The COSO Helix12:04
Risk Criteria12:00
Volatility, Interdependency and Correlation4:27
Analyze volatility to see how risk varies over time, and examine interdependence where risks amplify each other. Learn how correlation differs from causation and why dependent risks may occur together.
Risk Management Maturity Model2:23
Levels in the Risk Management Maturity Model7:58
Advantages of the Risk Management Maturity Model2:20
Risk Information Ownership in the Risk Management Maturity Model5:43
Explore how risk information ownership evolves across the risk management maturity model from internal audit at inception to cross-functional collaboration with a common risk language, policy, and risk appetite.
Using Risk Management Maturity Models as an Internal Auditor1:36
The COSO ERM Fan2:11
Risk Responses4:17
Risk Measurement4:53
The 3-lines of Defense Model13:35
Explore the three lines of defense model in banking, identifying first line risk owners, second line oversight, and third line internal audit, with examples of compliance, risk management, and assurance.
Risk Assurance Mapping8:31

Definition of Risk Management Governance2:23
Risk Management Governance Structure6:00
How Internal Audit Can Help Risk Management Governance4:26
Internal audit supports governance as third line of defense, providing insight to the board, evaluating board and risk committee processes, benchmarking against best practices, and improving reporting, escalation, and assurance.
Responsibilities of Board Members3:08
The lecture outlines the three fiduciary duties of board members—care, loyalty, and obedience—emphasizing diligent, good-faith decision-making, avoidance of insider trading, and legal compliance.
COSO's Enterprise Risk Management (ERM) Cube4:24
Environments in Which Risk is Managed3:32
Definition of Risk Appetite7:15
Example of a Risk Appetite Statement2:34
Sobel and Reding's Capability Criteria4:56
Risk Evaluation Measures1:54
Risk Levels7:44
Risk Evaluation Measures3:09
Explore risk evaluation measures across the risk universe, balancing appetites for operational, market, and reputational risks to align actual risk profile with a target risk profile, guided by executive insights.
Determining the Risk Universe0:35
Risk Map for Likelihood and Impact with Risk Levels2:51
Main Functions of Controls7:05
Explore the main functions of controls—directive, preventive, detective, and corrective—and see how audits, backups, and audit trails prevent, detect, and respond to risk in an organization.
Using Lead Indicators and Controls for Emerging Risks18:20
Inherent and Residual Risk1:32
The Calculation of Residual Risk2:56
The Calculation of Audit Risk3:30
Explore how audit risk arises from inherent, control, and detection risks, and learn how external and internal audits assess the likelihood of undetected material misstatements.
Likelihood and Impact Graph of Inherent and Residual Risks5:37
Common Risk Management Frameworks6:15
Roles in the COSO ERM Framework8:47
ISO 31000 Principles6:55
ISO 31000 principles embed risk management into decision making and operations, enabling structured, accountable risk reporting. The framework is organization-wide, customizable, and designed for continual improvement through monitoring and learning.
COSO ERM vs ISO 31000 Components1:00
The COSO Internal Control Cube4:38
Explore the COSO internal control cube and its five components (control environment, risk assessment, control activities, information and communication, and monitoring) and their link to operations, reporting, and compliance.
COSO's 17 Principles of Internal Control6:07
Explore COSO's 17 principles of internal control across the control environment, risk assessment, control activities, information and communication, and monitoring.
Risk Culture9:34
Discover how risk culture shapes risk management through collective attitudes and behaviors, from tone at the top to open communication and accountability, defining acceptable risks.
ABC Model of Risk Culture2:59
Indicators of Risk Culture4:57
Assessing Risk Culture4:39
Assess risk culture by examining the tone at the top, governance and risk leadership, then link to competency and resources that enable risk-aware decision making and reporting.
McKinsey 7S Model4:46
Definition of Emerging Risks2:30
Assessing Emerging Risks5:00
Stakeholder Interest and Engagement4:56

Risk Identification Techniques0:46
Risk Identification Workshops1:12
Control and Risk Self-Assessments (CRSA)1:55
Vulnerability Assessments2:01
Scenario Planning1:59
Explore scenario planning in risk management using decision trees and sensitivity analysis to assess capital adequacy under Basel II across recession and interest-rate scenarios.
Brainstorming Risk Identification Technique1:08
Brainstorming invites all ideas in a judgment-free, facilitator-led session to identify risks and enrich the risk inventory with overlooked vulnerabilities.
Risk Questionnaires0:51
Benchmarking1:25
Risk Event Map1:34
Risk Likelihood and Impact Definitions3:17
Define likelihood levels and impact thresholds with a common policy language, link high likelihood and impact to board and management discussions, and use financial impact as the main measure.
Definition of Data Analytics for Internal Audit1:24
Use of Data Analytics for Risk Management2:26
Types of Data Analytics0:27
Types of Data Analytics - Descriptive Data Analytics3:31
Types of Data Analytics - Diagnostic Data Analytics5:48
Types of Data Analytics - Predictive Data Analytics2:48
Types of Data Analytics - Prescriptive Data Analytics2:56
Ratio Estimation3:13
Variance Analysis for Data Analytics4:08
Proportional Analysis, Trend Analysis and Embedded Audit Modules1:55
Benford's Law2:22
Regression Analysis2:15
Statistical Process Control2:40
Other Types of Analytical Tests 13:18
Other Types of Analytical Tests 25:32
Root Cause Analysis Methods1:22
Discover root cause analysis by exploring methods to uncover reasons for incidents and issues. Learn fishbone diagrams, the five whys, logic trees, failure mode effects analysis, and fault tree analysis.
Root Cause Analysis Methods - Fishbone Diagram4:07
Root Cause Analysis Methods - The 5 Whys1:23
Root Cause Analysis Methods - Logic Trees2:08
Root Cause Analysis Methods - Fault Trees Analysis2:22
Root Cause Analysis Methods - Failure Modes and Effects Analysis (FMEA)1:45
Systems Development Life Cycle (SDLC)3:44
Auditing the Systems Development Life Cycle (SDLC)2:02
Methods for the Systems Development Life Cycle (SDLC)0:31
Systems Development Life Cycle (SDLC) - Waterfall Method2:12
Follow the waterfall method's SDLC steps—planning, analysis, design, programming, and testing—with sign-offs to prevent overlapping and reduce resource waste, though it can be inflexible and lead to longer deadlines.
Systems Development Life Cycle (SDLC) - Spiral Method1:28
Systems Development Life Cycle (SDLC) - Rapid Development3:49
Explore rapid development in the SDLC, where planning, analysis, and design overlap with alpha and beta testing of multiple prototypes to shorten delivery time.
Systems Development Life Cycle (SDLC) - Agile Method2:09
Explore the agile method's continuous iteration with overlapping development and testing in sprints. It centers on collaboration and customer focus, prioritizing individuals and interactions, working software, and adapting to change.

Steps to Assessing Risk Management1:19
Learn six steps to assessing risk management within internal audits, including establishing scopes and objectives, gathering information, conducting a preliminary risk assessment, allocating resources, performing the audit, and reporting findings.
Assessing Risk Management - 1 Understand the Context of the Organization4:00
Assessing Risk Management - 2 Gather Information and Documentation3:24
Assessing Risk Management - 3 Preliminary Risk Assessment2:28
Assessing Risk Management - Establish Scope and Objectives2:22
Establish the scope and objectives for risk management by applying evaluation criteria from risk policies, procedures, external laws, and best practices.
Internal Audit's Role in Risk Management2:42
Internal audits must understand organizational risks, provide assurance over risks, and move from auditing risk management to actively supporting risk processes, without becoming risk owners.
Core Internal Audit Roles in ERM2:34
Legitimate Internal Audit Roles in ERM5:13
Forbidden Internal Audit Roles in ERM3:56
Relying on Risk Assurance4:49
Can Internal Audit Rely on Risk Management Assurance2:04
Advantages of Relying on Risk Management Assurance2:52
Other Forms of Assurance Over Risk Management2:52
Models for Assurance Over Risk Management1:15
Assurance Over Risk Management - Process Elements Approach4:20
Assurance Over Risk Management - Key Principles Approach11:40
Qualities of Persuasive Internal Audit Information9:42
Types of Audit Evidence5:09
Process Map for Communicating the Acceptance of Risks5:25
Quality of Audit Communications4:42

Requirements

No prerequisite knowledge expected.

Description

We are glad to bring you a course on Risk Management.

This course will help you manage risks so that your business can succeed.

Learn essential business knowledge for anyone who want to manage operations successfully.

This course will give you all that you need to know to get a firm understanding of operational risk management.

It is intended for either:

1. Risk Managers and those who want to learn more about risk management.

2. Managers and those who are responsible for operations in their organization.

3. Auditors and others assessing how risks are managed.

It is taught by Adrian Resag, an experienced Head of Risk Management, who has also been teaching for nearly 2 decades.

You will learn:

The basics (and intermediate knowledge) of operational risk management.
How to put in place Enterprise Risk Management (ERM) in your organization.
Risk Management tools and techniques.
What you need to know to perform proper audits of risk management.

The course covers:

Introduction to Risk Management

Understand the role of Risk Management in the management of an organization’s risks.

The Governance of Risk Management

Learn how to apply governance structures and frameworks over the management of risks in an organization.
Know how to assess the governance framework in place.

Risk Management Tools and Techniques

Lean about the main risk management frameworks, such as ISO 31000 and COSO ERM.
Learn risk identification and risk evaluation techniques, such as control self-assessment or fault tree analysis.
Learn about using data analytics for risk management.
Learn statistical techniques for risk management.
Learn how to assess risks in the Systems Development Life Cycle (SDLC).

Assurance over Risk Management Learn how to perform risk assessments

Know different measures for evaluating risks, how risk and control self-assessments are performed.
Know how the monitoring of risks and the risk management system should be performed.
Know how to use risk management maturity models in your organization.

Who this course is for:

This course is useful for a surprisingly large number of people. If you are (or want to be) in charge of operations in a business, knowing how to manage risks is very important.
For those who want to learn more about risk management.
For those who want to learn how to audit risk management.
Risk Managers
Auditors
Management

Introduction to Risk Management

What you'll learn

Explore related topics

Course content