Auditing the Enterprise Risk Management (ERM) Process


Auditing the Enterprise Risk Management (ERM) Process Overview
This course will start with an overview of the Enterprise Risk Management process and all the underlying elements of an Enterprise Risk Management, including a discussion on risk appetite, governance, and roles & responsibilities. Once the Enterprise Risk Management fundamentals has been established, the course will provide more details into the attributes that make an Enterprise Risk Management process effective such as addressing black swans, using risk driven metrics as well as linking Enterprise Risk Management with the organization’s strategy. There will also be a discussion of Internal Audit’s role in the Enterprise Risk Management initiative.
Clock icon0h 4m
[MUSIC] Hello, I'm Kathy Chambers educator here at ACI learning alongside Linh Truong. And we are super excited to introduce a new course to you but before we get to that let's learn a little bit more about Linh. Can you tell us about your background please? Sure Cathy thank you, so my name is Linh Trough and I've been in the internal art space for almost 30 years. I know that stating myself but I started out with KPMG back then, it was the big eight. Now it's the big four and from there have been working in various internal audit functions from financial services industry to on gas industry, biomedical. And more specifically I have served in former chief audit executive roles at the last three companies I worked for and I've actually was hired at each of those companies to build the internal audit function from scratch. So with each one of those experiences I was also asked to spearhead their respective enterprise risk management programs. So really excited to talk about all the ways that auditors can assess the DRM program for their companies. So then the course we're doing together is ACIs auditing What can viewers look forward to? Right, so this course will start out with some basics. It's going to be an overview of the enterprise risk management process, all the underlying elements that make up the Initiative. That will include a discussion on risk appetite, governance roles and responsibilities as well. The course will provide more details into the attributes that make an enterprise risk management program effective including being able to address black swans. And using risk driven metrics to measure the progress and and status of a risk management program. But the majority of the course will be comprised of assessing the Initiative in your organization against the new coastal principles that came out in 2017. Cast Cathy the coastal issued a guidance for Framework that is comprised of five elements and 20 principles. So what we're going through each one of those 20 principles and learn about the best practices of and Program. And looking at audit considerations on how to determine whether your organization is complying with those principles. Linh what do you hope our viewers take away from this course? Well I hope that they come to understand how to apply those principles and and they'll be able to do so. Because we'll be going through this course, not just by going through bullets concepts, but also going through an exercise. Some fun exercises we have in store for them. And as well, we'll be talking about real world examples of actual experience that I've had in implementing And knowing how to assess certain aspects that make an Program effective. Linh, I know that I'm excited to go through this course with you. Why are you excited to go through the course with me? Because because this Concept has been around for several decades. I still think that companies are struggling with getting it right clearly. The recent black swan events or near black swan events, the pandemic etc has has shown that not all organizations are optimizing their ability to properly manage their risks. And so this is an opportunity for auditors and other leaders within the organization who are involved with the risk management role. And responsibilities within their organization to bring back best practices and bring back procedures to determine whether they're Program is effective. And where they need to make the tweaks to make it more effective if it's not there already. All right, thank you Linh, I'm looking forward to going through these episodes with you and to our viewers, we hope you enjoy watching ACIs. Auditing, Yeah. [MUSIC]

Learning Style

On Demand





Who this course is for

Audit Directors and Managers, Risk Officers, Internal and External Auditors, Information Technology Auditors, and Operations Managers.

NASBA Certified CPE

16 credits

Field of Study


Length of course



Risk Audit School
or equivalent experience

Advanced Preparation

30 Episodes

Here are the topics we'll cover

  • Enterprise Risk Management (ERM)
  • COSO Principles
  • Reports
Learning Options

Options for this course

Train your team
Stay ahead of the curve and future-proof your business with training programs designed for you.
Channel partners
Transform your experience and integrate with our unique evolving library of Audit, Cybersecurity, and Information Technology courses.

ACI Learning is registered with NASBA

ACI Learning is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: