Protecht Risk Control Self Assessment
Product Description
Understanding the RCSA process from design and implementation through to carrying out assessments, reporting results and creating follow-up actions.
In this course, David Tattam, Chief Research and Content Officer at Protecht, covers all aspects of the RCSA process from design and implementation through to carrying out assessments, reporting results and creating follow up actions.
Who should do this training?
The course is aimed at risk practitioners and business managers who have, or are looking to implement, a robust and comprehensive Risk & Control Self Assessment (RCSA) process within their organisation. It considers the RCSA process both as a stand-alone process and as part of an integrated Enterprise Risk Management framework.
The course applies the ISO 31000 and 31010 standards.
Course Outline
In this course, you’ll learn:
1. Objectives & purpose of RCSA
- Objectives of RCSA
- What is RCSA?
2. What are we assessing – risks
- Types of risk
- Components of risk
- Risk bow ties
- Measures of risk
3. What are we assessing – controls
- Types of controls
- How controls modify risk
- Control classifications
4. Risk & control taxonomies
- Objectives of taxonomies
- Common types of taxonomies
- Using taxonomies in RCSA
5. Risk management & RCSA frameworks
- How RCSA integrates with other risk processes
- Risk and reward framework
- RCSA in an enterprise risk management framework
6. Approaches to risk assessment
- Tools and techniques for risk assessment
7. RCSA methods
- Determining what we will assess
- Likelihood and impact scales
- Setting likelihood scales: what measure?
- Setting impact scales: how many types of impact?
- Assessing risks: inherent, residual and targeted
- Assessing the effectiveness of controls
8. RCSA process
- Identifying business and process objectives
- Identifying critical processes
- Identifying risks
- Identifying controls
- Evaluating risks
- Treatment methods
- Methods for collecting information
- Preparing for a risk workshop
- Facilitating a risk workshop
9. RCSA reporting
- Types of report and information
- Information to report
- Including RCSA in an aggregated dashboard report
- Interpreting reports
10. When should risk assessment be carried out?
- Periodic risk assessment
- Dynamic risk assessment
- Integration with other risk processes
- Formal and informal risk assessment
11. Roles and responsibilities
- RCSA and the three-lines model
- Who owns risk and controls?
- Who owns risk and control self assessment?
Learning objectives
- An in-depth understanding of the objectives and outcomes of a robust RCSA process
- An understanding of how the RCSA process integrates into an enterprise risk management framework and how the results of RCSA can be used in scenario analysis, key risk indicators, incident management and compliance
- The ability to design an effective and efficient RCSA process
- The ability to set relevant risk scoring scales to reflect risk appetite and tolerance
- The ability to produce meaningful reports as output from the RCSA process
- How to use the RCSA in risk and general management
- How to use RCSA results to develop risk treatment improvements
- An appreciation of the system requirements and system pitfalls for an effective RCSA process
- The skills to be able to carry out effective and engaging RCSA workshops
- An understanding of the pitfalls to a successful RCSA process and how to overcome them
- An understanding of relevant external guidance and requirements including ISO 31000 and ISO 31010
Course expectations
- Watch 25 videos
- Answer 12 knowledge questions
- Complete 1 Interactive Risk Assessment Forecast
- Answer 10 quiz questions
Timings
- 4.5 hours of video content
- Approximately 5-6 hours for the whole course
Cost
- $858.00 inclusive of GST payable by credit card on registration. For purchases for more than 10 people please use the contact form or call 1800 676 011 to speak with one of our Account Managers.
