ISO31000 Integrating Risk Management into Decision Making
What you'll learn
- Learn core components of ISO31000:2018
- Learn how to measure risk management maturity against the ISO31000:2018
- Learn about Risk Management 2 and what it should look like
- Learn practical steps to integrate risk management into decision making
- Learn about cognitive biases and other barriers to effective risk management
- Learn what advanced quantitative risk analysis techniques exist and where to find more information about them
- Develop a comprehensive plan for risk management integration
- Basic understanding of risk management
- Basic understanding of ISO31000 and decision making
- Familiarity with other RISK-ACADEMY couse udemy.com/course/1687492/ is preferable
Risk management should not only help companies to achieve minimum legal compliance requirements but also contribute to the demonstrable achievement of objectives, linking risks with performance. According to ISO31000 standard, integrating risk management into an organization is a dynamic and iterative process, and should be customized to the organization’s needs and culture. Risk management should be a part of, and not separate from, the organizational governance, leadership, strategy, operations and performance management.
Alex Sidorenko, known for his risk management blog www.riskacademy.blog, has created a 25-step program to integrate risk management into decision making, core business processes and the overall culture of the organization. This course covers practical steps to design, implement and measure effectiveness of risk management.
This course will help you answer the following questions:
Do key stakeholders believe risk management is aligned with strategy, objectives and culture and helps the organization achieve its objectives?
Is there a risk management statement or policy?
Does management show commitment to the integration of risk management into all processes or decision types, giving risk team sufficient resources and responsibility?
Is responsibility for risk management as part of business activities and decision making regularly communicated by top management to management and staff?
Are oversight bodies confident that risks have been adequately considered when setting the organization’s objectives?
Is information about risks and their management presented in the reports that oversight bodies receive and included in any significant decisions they have to make?
Are results of independent risk management effectiveness assessments presented to the oversight bodies on a regular basis?
Is risk management effort consistent with internal and external environment (meeting both regulatory requirements and stakeholder expectations)?
Have risk management principles been integrated into existing policies and procedures instead of just having a single aggregated risk management framework document?
Has the responsibility for risk identification and analysis been documented in the committee charters, policies, procedures and job descriptions?
Does risk management team have the necessary resources to effectively integrate risk management into business activities and decision making?
Is information about risks and their management integrated in existing financial and management reporting?
Does an organization have a plan to implement risk management into all activities throughout the organization, including decision-making?
Are significant decisions and approvals made by the management only after analysing the risks associated with these decisions?
Is risk management integrated into planning, budgeting, motivation and performance management processes instead of having a standalone risk management process?
Are strategic goals, objectives and key performance indicators set based on the results of the risk analysis?
Is risk management integrated in core operational processes, risks are analysed on an ongoing basis within operating activities?
Are key supporting (back-office) processes organized in such a way, that risks and their treatments are considered?
Is risk-based decision making consistently applied across subsidiaries, key suppliers and supply chains?
Are risk management competences developed in all key departments?
Are risk management competences integrated in the training and development program for employees, is there regular risk management training for different levels of management?
Are risk management competences an important attribute when applying for jobs in the organization?
Do you consider organization has a strong culture dedicated to risk-based decision making and risk management?
The content of the course is 100% aligned with the structure and principles of the ISO31000:2018. This course will be immensely valuable for risk managers, risk consultants, auditors and everyone who want to learn more about risk management 2.
Who this course is for:
- Risk management professionals developing a roadmap for risk management implementation
- Board and audit committee members seeking to measure risk maturity
- Risk consultants engaged to built or review risk management practices
- Internal and external auditors tasked with auditing risk management
ALEXEI SIDORENKO is a uniquely qualified expert with over 12 years of strategic, innovation, risk and performance management experience across Australia, Russia, Poland and Kazakhstan. In 2014 Alex was named the Risk Manager of the Year by the Russian Risk Management Association. Currently working at RUSNANO, Alex leads the risk management team at the largest private equity fund in Russia, specializing in hi-tech and nanotechnology investments. Alex is responsible for ERM at the fund level and across its 97 portfolio companies. Alex’s work at RUSNANO was awarded first prize in the category Best ERM Implementation by RUSRISK in 2014.