Introduction to Risk Management

Course Description

“Everyone can benefit from Risk Management training.”
Alf Esteban, Protecht

We are pleased to offer Protecht’s popular Introduction to Risk Management course. This course introduces the concept and nature of risk as it relates to a range of organisations using a variety of concepts to aid topic understanding.
Chapter 1 identifies the nature and behaviour of risk and explores concepts such as Risk Awareness, Risk Acceptance and the risk lifecycle. It describes how different types of controls minimise risk, and considers the types of risks usually faced by financial institutions.
Chapter 2 considers the aims, objectives and key components of the Risk Management process within an organisation. It expands on the concept of the risk lifecycle, as illustrated by a Risk Funnel chart. It explains the 3 Lines of Defence Model and the various Risk Management Standards and methodologies used globally.
Chapter 3 explores the Risk Management process as defined by ISO 31000 and AU/NZS, and explains how Risk Management tools apply to business processes.


This training is suitable for those seeking an introduction to the field of risk management and those who need to have a broad understanding of risk management.

Course Outline

Module 1 : The nature and types of risk

Module 2 : Risk Management, Frameworks and Standards

Module 3 : The Risk Management Process

Key Risk Indicators (KRIs)

Course Description

Key Risk Indicators (KRIs) are observable and measurable information that can be used to

identify the symptoms and “red flags” created by risks. This course explores how to identify KRIs in your organisation, linking them to both the risks and the

controls necessary to contain them. It examines how to collect, score and find patterns in KRIs across different units in your organisation. And it looks at the steps employees can take to report and escalate issues about KRIs to the appropriate management or committees within the organisation.

Who is this training for?

This course applies to all organisations looking to manage risks in their business by identifying the “red flags” of risk and taking action.

Course Outline

Module 1 : Defining Key Risk Indicators (KRI’s)

• What are KRIs?

• Objectives of KRIs?

• Types of KRIs

• Identifying KRIs

Module 2 : KRI Inputs – Determining the parameters

• Assigning KRIs

• Setting frequency

• Determining thresholds

• Linking KRIs to risks and controls

Modeule 3 : KRI Processes – Collection, scoring and Aggregation

• Collecting KRIs

• Scoring KRIs

• Aggregating KRIs

Module 4 : KRI Outputs – Reporting and Follow-up Process

• Reporting KRIs

• Notifying and escalation issues relating to KRIs

• Using reports and taking action

Third Party Risk

Course Description

This course guides you through the four steps associated with  handling  third  party  risk:  scoping,  risk  assessment,  due diligence and approval/post-approval risk mitigation.The  lessons covers  major  international  anti-corruption  laws,   including   the   US   Foreign   Corrupt   Practice   Act   (FCPA) and the UK Bribery Act. Jargon is kept to a minimum. Where possible, stories are used to paint a vivid picture.

Who is this training for?

Employees at all levels need to recognise the risks associated with third parties and how to identify them. This course guides staff through the four steps associated with handling third party risk.Management are trained to identify, minimise and handle corruption risks. General employees learn the role they play in ensuring that due diligence occurs.

Course Outline

Module 1 : Introducing Third Party Risk

   •The role of third party due diligence in your organisation’s ABC obligations

   •Scope of due diligence

   •Key corruption risk factors

   •Organisational benchmarks regarding third party risks

   •Assessing corruption risk as high, medium or low

Module 2 : Due Diligence and Approvals

   •The data collection process

   • Key aspects of third parties to research

   •Validating research• Monitoring third parties post-approvals

   •Supporting due diligence and anti-corruption processes

Module 3 : Due Diligence for Employees

   •The role of third party due diligence in your organisation’s ABC obligations

   •Key corruption risk factors

   •The due diligence process

   •Monitoring third parties post-approvals

   •The function of whistle-blower policies

Risk and Control Self-Assessment (RCSA)

Course Description

Risk and control self-assessment (RCSA) involves identifying, recording and assessing the risks that

an organisation may encounter, as well as the controls in place to contain them. It covers several steps, from identifying the risks to which an organisation or business may be exposed to escalating and taking follow-up action and identifying ongoing issues that affect risks. This course explains what an RCSA is and how to construct, use and report on it

Who is this training for?

You should complete this course if you are involved in a compliance or risk management function in your workplace

Course Outline

Module 1 : Defining Risk and Control Self-Assessment (RCSA)

   • Objectives of RCSA

    • Components used in an RCSA

    • How the RCSA fits into the risk management framework

Module 2 : RCSA Inputs – Risks, Control, Scales

    • Identifying and recording risks in a register

    • What are risk controls?

    • Recording controls and building a control library

    • Developing control effectiveness scales

Module 3 : RCSA Processes

   • Assessing risks

   • Assessing the effectiveness of risk controls

   • Approaches to self-assessing risk levels

Module 4 : RCSA Outputs – Reporting and Follow-up Process

   • Reporting risks

   • Notifying and escalating report information

   • Using reports and taking action

Compliance and Control Attestation

Course Description

“Come to terms with all of your organisation’s compliance requirements.”

Identifying your compliance requirements

Every organisation faces a range of internal and external compliance risks. This final course in the Protecht suite of risk management courses considers how to identify the risk of compliance breaches and apply appropriate controls, from reporting to workflow escalation.

Compliance programs can be defined as a series of questions that employees respond to on a periodic basis to ensure compliance with relevant obligations, controls, contractual requirements, policies and procedures.

The breadth of compliance issues that organisations are liable to brush up against can be daunting. This course explores what goes into a compliance program: how to build libraries of internal and external compliance requirements; prepare for and report on them; notify the relevant people and take appropriate action.

Who is this training for?

Everyone in the workplace – including compliance and risk managers, senior management or other employees – has a role to play in addressing their organisation’s and their own compliance requirements.

Course Outline

  • Module 1: Defining compliance
  • Module 2: Compliance inputs
  • Module 3: Compliance processes
  • Module 4: Compliance outputs