Auditing the Enterprise Risk Management Process

Overview

This course will start with an overview of the Enterprise Risk Management process and all the underlying elements of Enterprise Risk Management, including a discussion on risk appetite, governance, and roles & responsibilities. The course will provide more details into the attributes that make an Enterprise Risk Management process effective, such as addressing black swans, using risk-driven metrics, and linking Enterprise Risk Management with the organization’s strategy. Most of the course will involve methods for auditing the Enterprise Risk Management process by assessing the Enterprise Risk Management process according to the COSO framework, comprising five components and twenty principles.

The five components include: 1) Governance & Culture, 2) Strategy & Objective Setting, 3) Performance, and 4) Review & Revision. The objective of the assessment procedures is to determine if the organization’s ERM process exhibits these twenty principles.

There will also be a discussion to address another risk management framework, ISO 31000. A summary of key highlights of ISO 31000 will be covered; we will also compare the commonalities and differences between the ISO risk management framework and the COSO risk management framework.

The course will end with a discussion on Enterprise Risk Management reporting to various stakeholders.

The course will be delivered with practical application of concepts using actual examples, case studies, and exercises.

Learning Options

Below are the available learning options for this course:

AuditProTV

Online On-Demand

This course is available through AuditProTV — a subscription-based, on-demand learning platform. As a subscriber, you will have access to an ‘all you can watch’ library of courses that are built in alignment with the National Association of State Boards of Accountancy (NASBA) standards.

Learn More & Subscribe

Enterprise Solutions

Tailored Experience

Bring this course to your organization at your convenience. ACI Learning can deliver this instructor-led course for your team at a chosen location or virtually. Alternatively, choose the topic(s) you need and ACI will craft a training solution to keep your team future-proof.

Customize Your Training

NASBA Certified CPE

16 Credits

Auditing

Why you should take this course

You should attend because auditors are required to evaluate the adequacy and effectiveness of risk management processes.

Who should take this course

Audit directors and managers, risk officers, internal and external auditors, information technology auditors, and operations managers.

What You'll learn

You will learn the characteristics and functionality of effective ERM programs, and how auditors can evaluate the risk management process.

Prerequisites

Risk School (OAR201) or equivalent experience

Course Objectives

The learner will understand the basic elements of the entire ERM process, including governance, execution, and reporting.
The learner will define common ERM vocabulary and terminology.
The learner will understand how the ERM process should be linked to the organization's strategy.
The learner will apply the ERM framework principles and develop auditing procedures to assess the effectiveness of an organization's ERM process.
The learner will identify the differences between the two of the most used ERM frameworks, COSO and ISO.

Course Topics

Enterprise Risk Management (ERM)
COSO Principles 1-20