Certification Programme Knowledge Only v1

7/24/2019 Certification Programme Knowledge Only v1

1/40

1

2015 FERMA - CONFIDENTIAL - All rights reserved - Copying and forwarding is not permitted

European Certification for Risk Managers

Body of Knowledge


2/40

2


CONTENT

Program Design: Blocks ...................................................................... 5

Block Description ............................................................................... 7

Block 00: Business Basis for Risk Manager ........................................................... 7

Block 01: Essentials of Risk Management ............................................................. 8

Block 02: Risk Assessment .................................................................................... 9

Block 03: Risk Treatment I .................................................................................. 10

Block 04: Risk Treatment II ................................................................................. 11

Block 05: Risk Communication, Monitoring & Review ........................................ 12

Block 06: Specific Risk Management Topics ....................................................... 13

Learning Outcomes .......................................................................... 14

Block 00: Business Basis for Risk Manager ......................................................... 14

TOPIC 1: Essentials Of Economics And International Business ........................................................................... 14

TOPIC 2: Basic Statistics & Financial Mathematics ............................................................................................. 14

TOPIC 3: Basic Corporate Finance ...................................................................................................................... 14

TOPIC 4: Financial Statements ............................................................................................................................ 15

TOPIC 5: Basic of General Management.............................................................................................................. 15

TOPIC 6: Legal & Contract Management ............................................................................................................. 16

TOPIC 7: Basic Marketing .................................................................................................................................... 16

TOPIC 8: Communication .................................................................................................................................... 16

TOPIC 9: Information Technology ....................................................................................................................... 17

TOPIC 10: Change Management ......................................................................................................................... 17

Block 01: Essentials of Risk Management (COMPULSORY) ................................ 18


3/40

3


TOPIC 1: Introduction to FERMA Risk Manager Certification (4 Pillars System) ................................................ 18

TOPIC 2: Principles and Aims of Enterprise-Wide Risk Management (Includes Ethics) ..................................... 19

TOPIC 3: Risk Management Frameworks and Standards ................................................................................... 19

TOPIC 4: RM In The Organization: Governance, Context, Internal Audit, Compliance (3 Lines Of Defense),Internal Control, Risk Culture, Policy ................................................................................................................... 19

TOPIC 5: Company Strategy, Objectives, Responsibilities, Structure, Program Etc. ........................................ 20

TOPIC 6: Risk Appetite, Risk Tolerance, Risk Attitude, Risk Capacity, Limits ....................................................... 20

TOPIC 7: Types and Impact of Risk On Organizations.......................................................................................... 20

TOPIC 8: Risk management process: identification, assessment, treatment, control, financing ........................ 21

TOPIC 9: Added Value, Cost and Benefits of Risk Management ......................................................................... 21

Block 02: Risk Assessment ................................................................................. 22

TOPIC 1: Risk & Uncertainty and Impact On Strategy ........................................................................................ 22

TOPIC 2: Risk Identification and Classification ................................................................................................... 23

TOPIC 3: Risk Identification Techniques ............................................................................................................. 23

TOPIC 4: Qualitative Risk Analysis Tools and Techniques................................................................................... 24

TOPIC 5: Quantitative Risk Analysis Tools and Techniques ................................................................................. 24

TOPIC 6: Risk Consequence, Likelihood and Severity .......................................................................................... 24

TOPIC 7: Risk Modelling ....................................................................................................................................... 24

TOPIC 8: Risk Register, Risk Matrix, Risk Profile, Risk Map ................................................................................. 25

Block 03: Risk Treatment I ................................................................................. 26

TOPIC 1: General Aspects (Company Risk Appetite, Inherent and Current Level of Risk; Risk Tolerance,

Treatment, Transfer and Termination, Etc.) ........................................................................................................ 26

TOPIC 2: Types of Risk Treatment/Response ..................................................................................................... 26

TOPIC 3: Risk Control Techniques: Loss Prevention, Claims Management and Opportunities....................... 26

TOPIC 4: General /Financial Risk-Related Controls............................................................................................. 27

TOPIC 5: Business Continuity: Emergency and Crisis Management .................................................................... 27

TOPIC 6: Other Techniques ................................................................................................................................. 27


4/40

4


Block 04: Risk Treatment II ................................................................................ 28

TOPIC 1: Risk Financing Techniques ................................................................................................................... 28

TOPIC 2: Insurance Sector .................................................................................................................................. 28

TOPIC 3: Insurance ............................................................................................................................................. 29

TOPIC 4: Reinsurance ......................................................................................................................................... 29

TOPIC 5: Captive (Re) Insurance Companies ....................................................................................................... 30

TOPIC 6: Alternative Risk Transfer Methods ....................................................................................................... 30

TOPIC 7: International Insurance Market ............................................................................................................ 30

Block 05: Risk Communication, Monitoring & Review ....................................... 31

TOPIC 1: Risk Culture and the Human Factor ..................................................................................................... 31

TOPIC 2: Corporate Social Responsibility ........................................................................................................... 31

TOPIC 3: Communication, Consultation, Corporate Governance & Role of the Board ...................................... 32

TOPIC 4: Risk Management Information Systems .............................................................................................. 33

TOPIC 5: Risk Monitoring ..................................................................................................................................... 33

TOPIC 6: Risk Review ........................................................................................................................................... 34

TOPIC 7: Risk Assurance ...................................................................................................................................... 34

TOPIC 9: Risk Reporting ....................................................................................................................................... 34

Block 06: Specific Risk Management Topics ...................................................... 36

TOPIC 1: Operational Risk Management ............................................................................................................ 36

TOPIC 2: Supply Chain Risk Management........................................................................................................... 37

TOPIC 3: Incident and Claims Management ....................................................................................................... 38

TOPIC 4: Portfolio, Programs and Project Risk Management ............................................................................. 38

TOPIC 5: Mergers & Acquisitions ......................................................................................................................... 38

TOPIC 6: Business Continuity: Emergency & Crisis Management ....................................................................... 39

TOPIC 7: Emerging and Future Risks.................................................................................................................... 39

TOPIC 8: Other Topics .......................................................................................................................................... 39


5/40

5


This document sets the core knowledge syllabus for the "FERMA Certification in Risk Management". The

aim is to analyze the academic and professional conditions that candidates, organizations and individuals

must cover to get the FERMA Accreditation and FERMA Certification in Risk Management. To set this

Body of Knowledge a structure of 6 different Blocks have been designed by the members of this pillar 1

team.

For analysis of these Blocks we have created a series of tables in which the objectives of the domain, the

topics of each Block, the inputs and outputs as well as the learning outcomes will be described.

Subsequently, these Blocks and their topics and chapters will also be developed in the future in more

detail in tables as a core syllabus that will cover the most important aspects as well as the available

literature.

This work was performed by a team of 8 people as representatives from different national associations,

which has allowed to cover and collect a wide variety opinions and possibilities, making the work that is

presented be representative of the views of all.

FERMA thanks the members of this Pillar 1 for their work and effort in completing this document and the

ongoing process.

AMRAE Franois Malan SI.RISK Klemen Potisek

SWERMA Torgny BogrdeFERMA

AGERS

Isabel Martnez Torre-

Enciso

RUSRISK Anna KorbutFERMA

BELRIMMarie Gemma Dequae

POLRISK Sawomir Pijanowski

Program Design: Blocks

FERMA is designing a program for Accreditation and Certification to cover the overall and comprehensive

knowledge base with which Risk Managershould be familiar in their professional career.

FERMA Certificationincludes the knowledge level needed to start in the world of risk management as

well as other more strategic and specific knowledge that will provide the candidate the ability to

successfully perform both in the junior and senior part of their professional career. Along with this

knowledge, for obtaining FERMA Certification,candidates must demonstrate a number of years of

experience as well as achieving the pillars of ethics and CPD at levels to be determined.


6/40

6


The program of this body of knowledge is shown in the next table:

BLOCK N 00: Business basis for Risk Manager

BLOCK N 01: Essentials of Risk Management

BLOCK N 02: Risk Assessment

BLOCK N 03: Risk Treatment

BLOCK N 04: Risk Treatment II

BLOCK N 05: Risk Communication, Monitoring & Review

BLOCK N06: Specific Risk Management Topics

Within pillar 1, each Block will have a development at different stages, from the most general to the

most specific, to what has been thought in the following names: Pillar, Block, Topic and Chapter.

An example would be:

PILLAR: KNOWLEDGE

BLOCK: BLOCK 2: RISK ASSESSMENT

TOPIC: 2. 3. RISK ASSESSMENT, VALUATION AND QUANTIFICATION

TECHNIQUES

CHAPTER: 2.3.2. Basic qualitative risk analysis tools and techniques

By the time team 1 has worked on the structure of the Blocks and the topics of each Block. The

development of the chapter analysis will be performed at a later stage.

This part of the document distributed body of knowledge in different Blocks with reference only to

highlight topics, without going into the content or specification thereof. In this section, as well as for the

further development of the core syllabus, it was decided to use ISO Terminology but with an open

structure to other frameworks and professional standardsin order to include all the knowledge

necessary for professional development whether or not included in standards.

The structure of Blocks has been designed following the risk management process, starting with a Block

00 on the business basis of knowledge that a Risk Manager. A margin of freedom should be given to

National Associations to organise these general knowledge.

Block 1 on the key concepts for the risk manager and the professional practice of risk management

introduces the risk manager in the context of the organization and the concepts of risk and enables the


7/40

7


further development of the process. Then is analyzed very deeply in different Blocks (2, 3 and 4) the

process of identification, assessment, control and risk financing with very specific and detailed topics. A

fifth Block included more strategic and organizational topics of risk management. To complete the

syllabus a Block dedicated to other topics is introduced.

Block Description

Each Block listed is described in the following tables indicating its objectives, its input and output and the

topics that should be covered.

Block 00: Business Basis for Risk Manager

AIM: The aim of this Block is to allow applicants to the FERMA European certification to demonstrate their

knowledge in a comprehensive range of basic knowledge, skills and techniques important for the development of

the risk manager activities and profession.

INPUT: All knowledge that candidates will have in advance, will be a good starting point for the development of this

Block as well as for work in risk management.

OUTPUT:This Block is considered as an initiation Block that will allow FERMA CERTIFICATION applicantsto align

their knowledge base and managerial skills for the further development in the other Certificate Blocks.

COVERAGE:

1. Essentials Of Business And Economics

2. Basic Statistics & Financial Mathematics

3. Basic Corporate Finance

4. Financial Statements

5. Basic Of General Management

6. Legal & Contract Management

7. Basic Marketing

8. Communication

9. Information Technology & Computer Skills

10. Change Management

COMMENTS: This Block attempts to align knowledge and skills of the candidates by reviewing and deepening the

general and fundamental aspects of business management in the broadest sense. The idea is to train candidates

with essential management tools for professional development that bring these professionals at the highest level

of the organization. At the same time individuals should acquire strong computer skills.


8/40

8


Block 01: Essentials of Risk Management

AIM: This Block provides general knowledge for applicants involved in risk management, designing the broader

frame of RM within the organization.

The objective is to understand the importance of principles, framework and the context for achieving an efficientand coherent risk management process that creates and protects values.

INPUT: Standards such as ISO 31000, COSO ERM, FERMA, ANZ, Cadbury, etc.

OUTPUT: get knowledge of the framework, standards, context and environment of risk management, as

fundament to build following Blocks on.

COVERAGE:

1.Introduction To FERMA Risk Manager Certification (4 Pillars System)

2.Principles And Aims Of Enterprise-Wide Risk Management (Includes Ethics)3.Risk Management Frameworks And Standards

4.RM In The Organization: Governance, Context, Internal Audit, Compliance (3 Lines Of Defense),

Internal Control, Risk Culture, Policy

5.Company Strategy, Objectives, Responsibilities, Structure, Program Etc.

6.Risk Appetite, Risk Tolerance, Risk Attitude, Risk Capacity, Limits

7.Types And Impact Of Risk On Organizations

8.Risk Management Process: Identification, Assessment, Treatment, Control, Financing

9.Added Value, Cost And Benefits Of Risk Management

COMMENTS: The Block can be completed with national regulation or standards and local specificities.


9/40

9


Block 02: Risk Assessment

AIM:This Block revises the full process of identification, assessment and evaluation of risk in an organization. This

Block also covers analysis tools and techniques.

INPUT: RM Frameworks, Statistical Methods and Modelling, Quantitative Assessment and Forecasting Methods,Probability Analysis, Financial Analysis, Security Analysisetc

OUTPUT: Ability to comprehensively identify and assess risk of all types while employing theoretical valuation and

forecasting methods.

COVERAGE:

1. Risk & Uncertainty And Impact On Strategy

2. Risk Identification And Classification

3. Risk Evaluation Techniques

4. Qualitative Risk Analysis Tools And Techniques5. Quantitative Risk Analysis Tools And Techniques

6. Risk Consequence, Likelihood And Severity

7. Risk Modelling

8. Risk Register, Risk Matrix, Risk Profile

9. Others

COMMENTS: the main outcome of this Block will be the capability to identify, compile, analyze, evaluate and

measure the exposures to probable risks, accidental risks, extraordinary risks and business losses facing by

individuals and organizations. Understanding and assessing all general and specific types of risk should be covered

including: emerging risks and cyber, social media, climate change, reputation, regulatory, supply chain, financial,

legal, property, personnel, environmental, fraud, etc.


10/40

10


Block 03: Risk Treatment I

AIM: This Block provides mechanisms and tools necessary for the treatment of risks and losses, with special

emphasis on control / reduction measures. The purpose is to understand the nature, purpose, and steps involved in

risk control.

INPUT: Economic and regulatory capital concepts, environmental and social awareness, regulatory aspects, capital

adequacy, economics and capability of risk assumption and transfer, operations management, HRM, limit setting,

compliance principles, principles of crisis management, managerial accounting concepts, quality control, general

approaches to BCP (business continuity planning), basic knowledge on technical equipment and tools to prevent

fire, flood, natural hazardsetc.

OUTPUT: Decision making framework on risk assumption, treatment and/or transfer, response action planning

related to IT risks, BI (business interruption), crisis, regulatory authorities interaction management.

COVERAGE:

1. General Aspects (Company Risk Appetite, Inherent And Current Level Of Risk; Risk Tolerance,

Treatment, Transfer And Termination, Etc.)

2. Types Of Risk Treatment/Response

3. Risk Control Techniques: Loss Prevention, Claims Management and opportunities

4. General /Financial Risk-Related Controls

5. Business Continuity Management: Emergency and Crisis Management

6. Other Techniques

COMMENTS:Applicants must utilize the analysis to develop loss prevention & protection strategies and to engage

business units. They should manage different type and extent of loss prevention & protection efforts and monitor

activity and results. FERMA Certification candidates must understand a wide range of risk control techniques, as

prevention, protection or reduction.


11/40

11


Block 04: Risk Treatment II

AIM: The important part of risk treatment process is risk sharing, risk financing process which purpose is to

understand the nature, purpose, and steps involved in risk financing (retention and transfer). This Block develops

an understanding of basic financing techniques, the insurance principles and the primary benefits insurance

contributes to society.

INPUT: Actuarial science; insurance economics; procurement principles; legal, economic and operations

perspective of captive insurance companies, reinsurance market, ; principles of financial instruments; investment

banking sector; use of fundamental and technical analysis in decision making process; stress testing, scenario

analysis, valuation and bookkeeping of insurance instruments.

OUTPUT: Economics based decision making framework in risk transfer; best practice in concluding risk transfer

arrangements and claims management (including internal rules and procedures set-up); knowledge on when and

how to get an insurance and also when and how to get out.

COVERAGE:

1. Risk Financing Techniques

2. Insurance Sector And Solutions

3. Insurance

4. Reinsurance

5. Captive (Re-)Insurance Companies

6. Alternative Risk Transfer Methods, Products/Hedging Instruments

7. International Insurance Market

COMMENTS: FERMA Certificate applicants should understand techniques for financing retention, transfer,

insurance or the alternative risk transfer instruments. They should understand the criteria for making risk financing

decisions as well as the development of risk financing strategies and the selection, implementation and monitoring

of risk financing techniques and should know legal concepts and the legal environment in which insurance

operates. They will know the concepts of risk and its relationship to insurance as well as the role of risk

management with the company insurance policy. They will be able to develop alternative financing techniques as

insurance, self-insurance, retrospective rating, reinsurance, or captive insurance.


12/40

12


Block 05: Risk Communication, Monitoring & Review

AIM: This Block allows candidates to get the necessary skills in risk communication and consultation with

stakeholders and understanding of the importance of a sound risk culture in order to get reliable risk management

that encompasses all aspects of an organizations risk. This Block also covers the components of monitoring and

review such as coverage, risk reporting design, frequency, recipients, etc. as critical parts of the risk management

process.

INPUT: Basic knowledge on company culture, relations with stakeholders, risk information, value added decision

making process

OUTPUT: To know how to produce a risk report and action plan to the board of a company.

COVERAGE:

1. Risk Culture and the Human Factor

2. Corporate Social Responsibility

3. Communication, Consultation, Corporate Governance & Role Of The Board

4. Risk Management Information Systems (RMIS)

5. Risk Monitoring

6. Risk Review

7. Risk Assurance

8. Risk Reporting

COMMENTS: Within the company assurance environment and policy, candidates should know how to get a

specific level of satisfaction with respect to the reliability of the risk and risk management information and

documentation provided.


13/40

13


Block 06: Specific Risk Management Topics

AIM:The goal of this Block is to explore important specific business areas related to risk and risk management,

such as Business Continuity, incident and claims management or crisis management, and the link to strategic

management.

INPUT:Basic technical knowledge about IT (hardware / software, Cyber risks), merger and acquisition process (due

diligence and integration aspects), loss of profit evaluation (gross earning / gross profit), analysis of financial

statements.

OUTPUT: To be knowledgeable about theories, best practices and trends in the different topics covered in this

Block.

COVERAGE:

1. Operational Risk Management

2. Supply Chain Risk Management

3. Incident And Claims Management

4. Portfolio, Programs And Project Risk Management

5. Mergers & Acquisitions

6. Business Continuity: Emergency and Crisis Management

7. Emerging And Future Risks

8. Other Topics (projects risk management, credit risk management, )

COMMENTS: Candidates should know concrete tools for the management of specific risks such as the operational,

supply chain, incident and claims as well as the relations of risk management with the related areas of businesscontinuity and crisis management. As all organizations want to grow it is important to have knowledge of M&A and

work in projects risk management.


14/40

14


Learning Outcomes

Block 00: Business Basis for Risk Manager

TOPIC 1: Essentials of Economics and International Business

CHAPTER LEARNING OUTCOME

Macroeconomics Measuring national income and price

Equilibrium in the real market: Consumption, Investment

Equilibrium in the money market

Equilibrium in economy and aggregate demand

Macro Dynamics Inflation, Economic growth, Business cycles

International Economy And Foreign Exchange

Market

Open Macroeconomics, Foreign Exchange Rate

Principles Of Managerial Economics Insights into how market economies function: what determines the price of

a good and the quantities produced and consumed, how government

policies and other external events affect prices and quantities, in which

cases market outcomes are efficient and in which cases they are not; main

market types (perfect competition, monopoly, monopolistic competition

and oligopoly)

TOPIC 2: Basic Statistics & Financial Mathematics


Basics In Statistics Variables, population, samples, measurement of central tendency

Probability Distributions And Descriptive

Statistics

Regression and correlation, probability, variance and standard deviation,

distributions

Hypothesis Testing Estimations, hypothesis testing, hypothesis test

Time Value Of Money Simple and Compound Interest, Effective Interest Rates, Future value,

Present value, Annuities, Amortization

TOPIC 3: Basic Corporate Finance


Fundamentals Of Corporate Finance Goals of Corporate Finance, Finance Function and the Firms Objectives,

Corporate Governance

Principles Of Valuation And Discounted Cash

Flow

What is value? The valuation process, Value creation for shareholders What

is cash flow? Basics of cash flow analysis; Terminal values


15/40

15


Capital Investment Decisions, Cost Of Capital And

CAPM

Investment Decisions: Payback rules, Discounting payback period method,

IRR (internal rate of return), NPV (net present value)

Cost of capital: Cost of equity capital, Cost of debt capital, WACC (weighted

average cost of capital)

CAPM (Capital Asset Pricing Model): Measuring beta, Risk free rate, Risk

adjusted discount rates

Long-Term Financial Policy Investments decisionProject evaluation: Method for ranking investment proposals, Capital

resource rationing, Common pitfalls (e.g. Sunk costs,

depreciation)

Short-Term Financial Policy Short-term financing: Working capital, Short term financing

Cash management and Credit management

Capital Structure And Dividend Policy Leverage and the value of the firm

Dividend policy

Equity And Bond Valuation Valuation Model of Common Stock, Bond Yield Measures, Term Structure

of Interest Rates, Bond Price Analysis, Risk Measurement, the issue process

TOPIC 4: Financial Statements


Financial Accounting, Financial Reporting And

Statement Analysis

Basic financial accounting, Financial statements: Balance sheet, Income

statement, Statement of cash flows, Statement of changes in equity

Financial reporting: Uses of financial statements, International differences

in accounting

Framework For The Preparation And

Presentation Of Financial Statements

Objective of financial Statements, Fundamental definitions (asset,

liability, equity, revenue, expense), The cash flow statement , Criteria for

revenues recognition, Measurement of revenues

Assets, Liabilities And Shareholders Equity Assets: Property, plant and equipment, Investment property, Intangible

assets, Inventories, Financial instruments

Liabilities: Bonds, Hybrid securities, Leases, Retirement benefits, Provisions

Shareholders Equities

Profitability And Risk Analysis Profitability analysis: ROA (return on assets), ROCE (return on capital

employed)

Risk Analysis: Short term liquidity risk, Long term solvency risk

TOPIC 5: Basic of General Management


Management Policy And Process Management of business processes in order to optimise corporate

performance: BPM (business process management) total quality

management, continuous improvement process

Introduction To Business Information Systems ICT strategy, IT architecture and the design and use of ICT systems. Given

the growth and importance of large business information systems that are

able to register and process immense data sets, the use of ERP systems and

Business Intelligence is also important.


16/40

16


Principles Of Organizational Behaviour Organizational behaviour involves the study of how, why and what people

think, feel, and do in organizations (individual & group behaviour)

Leadership, Values, And Corporate Responsibility Self-management & develop management skills, understand leadership vs.

management, setting expectations & accountabilities, managing conflict

and change, cultural differences,

Principles Of Human Research Management A broad and sound basic knowledge about HRM, which allows students to

perform better as subordinates or supervisors in their future organizations.

TOPIC 6: Legal & Contract Management


Principles Of Law Introduction to legal science, basic structures of legal systems, legal

terminology, and legal reasoning

Society And Enterprise & Corporate Social

Responsibility

Understand issues and relationships related with risk

Introduction To International And European Law Capture and follow the evolution of the legal environment where you do

business

Compliance Learn to know how to build a management process which identify the

applicable requirements (as defined in laws, regulations, contracts,

strategies and policies) in order to assess the state of compliance

Ethics Learn to know about the principles of conduct governing an individual or a

groupbased on moral duty and obligation based on what is good and bad

TOPIC 7: Basic Marketing


Understanding the Role of Marketing Define what marketing is and how it fits into the organization, marketing

system exchange map, marketing-oriented companies, models of consumer

decision making

Marketing Strategies Strategic approaches to the planning process, mass marketing versus

segmentation marketing, segments and the targeting process,

differentiated positioning strategy, Components of the Marketing Mix

TOPIC 8: Communication


Communication Skills For Managers Communicate to influence and inspire, team building, virtual team

communication

Communication Tools For Managers Description of different systems and tools: visio conf, intranet, internal


17/40

17


medias, information letters

TOPIC 9: Information Technology


OS (Operating Systems) Windows operating system to develop foundational skills in the areas of file

management, word processing, spreadsheets, presentation software, and

emerging technologies. Projects emphasize problem solving, data analysis,

and the use of Internet communication tools.

ICT infrastructure Insight into the structure and characteristics of computer infrastructure,

such as servers and clients, storage and networking equipment. This is

necessary to be able to develop a general architecture of ICT infrastructure.

TOPIC 10: Change Management


Psychology of Change Foundational principles for managing change, best practices in change

management, Fundamentals of managing the people side of change

Change Management Process Process for Managing Change, Organizational Change Competency,

Connecting Change Management to Business Projects, Change

Management Strategy, Change Management Team

Managing Change Communication Plan, Sponsor Roadmap, Coaching Plan, Resistance

Management Plan, Training Plan, Master Change Plan

BIBLIOGRAFY, READING, LEARNING MATERIALS

TOPIC 1: Essentials of Economics and International Business

BLANCHARD O. (2011), Macroeconomics, Prentice Hall, 5th

edition

JAMES COLLINS,Good to Great

TOPIC 2: Basic Statistics & Financial Mathematics

Essentials of Statistics downloadable from www.bookboon.com

Statistics for Business and Economics downloadable from www.bookboon.com

Essentials of Statistics: exercises downloadable from www.bookboon.com

TOPIC 3: Basic Corporate Finance

BREALEY AND MYERS AND ALLEN (2013), Principle of Corporate Finance, McGraw-Hill, International, 11th

edition

BODIE, KANE AND MARCUS (2013), Investment, Irwin, 1996, 10th

edition


18/40

18


The capital asset pricing model (CAPM) downloadable from www.bookboon.com

TOPIC 4: Financial statements:

PENMAN Stephen, (2012), Financial statement analysis and security valuation, McGraw-Hill, International edition, 5th

edition

TOPIC 5: Basic of General Management:

Management basics: downloadable from www.bookboon.com

TOPIC 6: Legal & Contract management

Contract lifecycle management downloadable from www.bookboon.com

TOPIC 7: Basic Marketing

Essentials of Marketing downloadable from www.bookboon.com

TOPIC 8: Communication

Effective communication skills downloadable fromwww.bookboon.com

Advanced communication skills downloadable fromwww.bookboon.com

TOPIC 9: Information Technology

IT strategy and technology downloadable fromwww.bookboon.com

TOPIC 10: Change Management

CAMERON, E. & GREEN, M. (2012), Making Sense of Change Management, Kogan Page Ltd, 3rd edition.

Change management downloadable from www.bookboon.com

Block 01: Essentials of Risk Management (COMPULSORY)

TOPIC 1: Introduction to FERMA Risk Manager Certification (4 Pillars System)

CHAPTER LEARNING OUTCOME Passport

Level (X)

Advance

Level (X)

Risk Management Associations Description, history, how it works, relations on national and

international levelsX X

FERMA To know the national association of the country in which

the Passport is granted (for certification : the country whereX X
http://www.bookboon.com/http://www.bookboon.com/http://www.bookboon.com/http://www.bookboon.com/http://www.bookboon.com/http://www.bookboon.com/http://www.bookboon.com/http://www.bookboon.com/http://www.bookboon.com/http://www.bookboon.com/http://www.bookboon.com/http://www.bookboon.com/


19/40

19


the RM is located)

Fundamental of FERMA organization and objectives

The 4 Pillars Of Certification Knowing the 4 pillars (Knowledge, Experience, CPD & Ethics) X X

The 2 Levels Of Certification To know the difference and the way of obtaining (andkeeping) the passport or the advanced level

X X

TOPIC 2: Principles and Aims of Enterprise-Wide Risk Management (Includes Ethics)


Level (X)

Advance

Level (X)

Principles of ERM Principles could be divided into what should be the

characteristics of RM and what it should deliverX X

Aim of ERM To understand the different aims of each organization:

compliance, assurance, decision making, efficiency of

operations, effectiveness pf processes or efficacy of

strategy

X X

TOPIC 3: Risk Management Frameworks and Standards


Level (X)

Advance

Level (X)

COSO Erm From COSO 1 to COSO 2 (origin, objectives, , contents)X X

ISO 31000 Description of ISO 31000 X X

Local Framework Framework of the country in which the Passport is granted

(for certification : the country where the RM is located)X X

Other International Standards FERMA framework, IRM standards, ISO 31010/31004/ COSO

III X

Corporate Internal Standards Some companies use their own standards (linked to the

culture and the maturity of the company)X

TOPIC 4: RM in the Organization: Governance, Context, Internal Audit, Compliance (3 Lines Of Defense),

Internal Control, Risk Culture, Policy


Level (X)

Advance

Level (X)

Historical Background Origin of RM in the US, Europe, in the country in which the

Passport is granted (for certification : the country where theX X


20/40

20


RM is located)

RM In The Company Position, most common attachment X X

3 Lines Of Defense Definition 1st

(operational management)t , 2n

(RM, internal control)

3rd

(internal and external audit)X X

3 Lines Operations X

Relations With Other Departments Relations with Legal, Quality, Safety, Environment

DepartmentsX

Risk Aware Culture Implementation of a risk culture within the organization

Human and culture factorsX

TOPIC 5: Company Strategy, Objectives, Responsibilities, Structure, Program Etc.

CHAPTER LEARNING OUTCOMEPassport

Level (X)

Advance

Level (X)

RM Responsibilities Board mandate and commitment, scope of the initiative,

RM responsibilities within the organizationX

Company Framework For Managing Risk Description of risk architecture, risk strategy, risk protocols

& RM policyX

Implementation Of The Framework Tools to implement framework and RM processes X

Monitor, Review & Improve The Framework Tools to monitor the framework X

TOPIC 6: Risk Appetite, Risk Tolerance, Risk Attitude, Risk Capacity, Limits


Level (X)

Advance

Level (X)

Risk Strategy Definition Risk appetite, risk tolerance, risk attitude, risk capacity,

limits, CEO involvement

HOW? Tools spreadsheets which can be used

X X

Risk Strategy Applicability Risk appetite, risk tolerance, risk attitude, risk capacity,

limits, CEO involvement

WHY?

X X

TOPIC 7: Types and Impact of Risk On Organizations

CHAPTER LEARNING OUTCOME Passport Advanced


21/40

21


Level (X) Level (X)

Definition Of Risk Various definitions : a threat or an opportunity the origin

or the consequence

Need to be stated by each Company and communicated

X X

Types Of Risks Internal or external risks, strategic or operational risks, HR,

legal X X

Impact Of Risks Financial or non-financial impact (image) X X

Recording Risk Assessments Risk register, spreadsheet, computer-based system X

TOPIC 8: Risk management process: identification, assessment, treatment, control, financing


Level (X)

Advance

Level (X)

Risk Management Process Different types of process ex: ISO 3100 (7Rs & 4Ts), FERMA,

local standardsX X

Identification & Assessment (Definition) Essential of risk assessment (methodology, Top-down,

bottom-up approach, risk matrix)X X

Reduction & Control (Definition) Essential of risk control (or mitigation), risk avoidance or

reduction (including loss prevention), risk transfer

(contractual)and opportunities

X X

Risk Financing (Definition) Essential of risk financing : retention, insurance, captives,

ART

X X

Feedback Mechanisms Essential of monitoring and review of performance,

communication and consultationX

TOPIC 9: Added Value, Cost and Benefits of Risk Management


Level (X)

Advance

Level (X)

Cost of risk Total Cost of Risk (TCOR): calculation, use X

Added value and benefits of Risk Management Calculation of the optimal risk/return profile X



22/40

22


Airmic Alarm 2010, Understanding and Communicating Risk Appetite, IRM Risk Appetite, IRM Extended

Enterprise: Managing risk in complex 21st century organisations, Executive Summary COSO Board Position 09,

Framework of Board Oversight of Enterprise Risks by CA.

COSO: Internal Control - Integrated Framework: Executive Summary, Framework and Appendices, and

Illustrative Tools for Assessing Effectiveness of a System of Internal Control

IRM white paper on Risk Culture

ICGN Corporate Risk Oversight Guidelines

ERM shaping the Risk Revolution by Mckinsey and RMA

HOPKIN PAUL (2010), Fundamentals of Risk Management

Protiviti ERM guidance,

FREDERICK FUNSTON STEPHEN WAGNER (2010), Surviving and Thriving in Uncertainty: Creating the Risk

Intelligent Enterprise, Wiley

Enterprise risk management,downloadable fromwww.bookboon.com

Corporate governance and risk management, downloadable fromwww.bookboon.com

Results of various surveys such as World Economic Forum (annual Global Risks report).

Presentations of best practicescase studies. Laws and regulations such as KONTRAG, Sarbanes Oxley, Dodd

Frank Act, GL 44, and EU: 8th

company law directive, Solvency II, Basel III, etc.

Block 02: Risk Assessment

TOPIC 1: Risk & Uncertainty and Impact On Strategy


Level (X)

Adva

Leve

Risk and Risk Management Definitions Understanding risks and acquiring fundamentals of risk

identification; acquiring ability to gather the necessaryinternal/external data and information for risk modelling and their

validation

X X

Uncertainty And likelihood Acquiring basis for risk quantification (likelihood => risks;

uncertainty => black swans?) and ways to handle such issuesX X
http://www.bookboon.com/http://www.bookboon.com/http://www.bookboon.com/http://www.bookboon.com/http://www.bookboon.com/http://www.bookboon.com/http://www.bookboon.com/http://www.bookboon.com/


23/40

23


Risk Influenced Strategy Principles of risk based strategy setting and adjustment

Integration of strategic management and risk management

X

Risk Policy Being able to formulate risk policy taking into account companys

strategic goals, risk attitude & appetite, its industry, market; RM

should understand why and how the policy should be reviewed andadjusted to serve its purpose

X

Risk Tactics Being able to decide on proper and timely tactical adjustments to

adopted risk strategy within changed circumstances, and

communicate the necessary changes incl. exit strategy) in

comparison with the base scenario (quantitatively and qualitatively)

X

TOPIC 2: Risk Identification and Classification


Level (X)

Adva

Leve

Risk Classification(S) Becoming aware of underlying reasons for various risk classification

approaches (origin, impact, subject, industry, etc.); proper risk

identification and classification within organisation

X X

Description Of Main Risks Acquiring overview of the nature and impact of financial, quality,

liability, asset, environmental, personnel, transport, IT, intellectual

property, criminal, etc. risks

X X

Identification Of Main Risks Competence to identify risks which may significantly impact or

impair an organisations ability to perform and/or survive (going

concern).

X X

Correlated And Consequential Risks Acquiring basis for comprehensive assessment of net risksX

Classification Of Loss Exposure Understanding the nature of losses; basis of management attention

prioritization and adequate approach to risk treatment (avoidance,

reduction, retention, transfer)

X

TOPIC 3: Risk Identification Techniques


Level (X)

Adva

Leve

Methods Of Identifying Risks And Loss

Exposure (Introduction)

Brainstorming, checklists, surveys, loss histories, financial

statements, etc.X X

Methods Of Identifying Risks And Loss

Exposure (Advanced)

(Strategic) objectives based, Scenario analysis, via identification of

risk sources (taxonomy based), FMEA (failure mode and effect

analysis), incident analysis,

X


24/40

24


Other Methods ISO 31010, COSO ERM, etc. X

TOPIC 4: Qualitative Risk Analysis Tools and Techniques


Level (X)

Adva

Leve

Qualitative Methods Brainstorming, checklists, surveys, external data & information, etc. X X

Qualitative Risk Analysis Tools And

Techniques

Probability impact matrices, risk scoring, etc.X

TOPIC 5: Quantitative Risk Analysis Tools and Techniques


Level (X)

Adva

Leve

Qualitative Methods Probability theory, etc. X X

Statistical Methods Ability to calculate volatility, the Greeks, correlation; regression,

trends, understanding actuarial methods etc.X

Quantitative Risk Analysis Tools And

Techniques

Monte Carlo simulation, decision trees, factor analysis, sensitivity

analysis, etc.X

TOPIC 6: Risk Consequence, Likelihood and Severity


Level (X)

Adva

Leve

Qualitative Approach Identifying the hazards and associated risks, option analysis,

checklists, audits, use of sources (hazard studies), fault trees, cause

& consequence diagrams, etc.

X X

Quantitative Approach Choice of adequate historical data, use of statistical methods,

forecasting, scenario analysis, etc.X X

TOPIC 7: Risk Modelling


Level (X)

Adva

Leve

Risk Modelling In General Ability to identify risk exposure and risk factors, implement and

validate risk models, identify model limitations, interpret statistical

analyses, conduct stress tests and scenario analyses

X


25/40

25


Asset Pricing (CAPM) Understanding the relationship between risk, return and value of

assetsX

Economic Capital Understanding the relationship between various possible risks

impact and capital needed along with risk pricingX

Key Risks Indicators X

TOPIC 8: Risk Register, Risk Matrix, Risk Profile, Risk Map


Level (X)

Adva

Leve

Risk Register Competence to organize a companys risk register given its

industry, size/complexity, etc.X X

Risk Matrix Competence to define risk matrix and adequate risk response given

a companys industry, size/complexity, etc. X

Risk Profile Understanding the approach to defining a companys risk profile;

competence to differ between perceived and actual risk profile and

the use of the concept to achieve target risk profile

X

Risk MapX X


ANDERSON, DAVID RAY (2012), Quantitative Methods for Business, West Publishing Company, 12t

edition (topic

4, 5, 6, 7)

BODIE, ZVI (2010), Investments, Times Mirror Higher Education Group, 9th

edition (topic 4, 5, 6, 7)

BRIGHAM, EUGENE F. (2011), Fundamentals of Financial Management, The Dryden Press, 7th

edition (topic 1, 2, 3,

5)

BRIGHAM, EUGENE F. (2012), Intermediate Financial Management, The Dryden Press, 11th

edition (topic 1, 2,3, 5)

CROUHY, MICHEL (2001), Risk Management, McGraw-Hill, 2nd

edition (topic 1, 7, 8)

GREGORY, JON (2010), Counterparty Credit Risk, John Wiley & Sons Ltd., 1

st


SERVIGNY, ARNAUD DE (2004), Measuring and Managing Credit Risk, McGraw-Hill, 1st


WHITE, GERALD I. (2002), The Analysis and Use of Financial Statements, John Wiley & Sons, Inc., 3rd

edition (topic

2)

MCKINSEY WORKING PAPERS ON RISK, NUMBER 13 (2011), Risk modelling in a new paradigm: developing new

insight and foresight on structural risk


26/40

26


KING, JACK L., Operational Risk : Measurement & Modelling, Wiley Finance pp.261

MARSHALL, CHRISTOPHER, Measuring & Managing Operational Risks In Financial Institutions, Wiley Finance, pp.

569

Block 03: Risk Treatment I

TOPIC 1: General Aspects (Company Risk Appetite, Inherent and Current Level of Risk; Risk Tolerance,

Treatment, Transfer and Termination, Etc.)


Level (X)

Advanced

Level (X)

Company Risk Appetite Competence to define risk appetite, management risk

tolerance, the role of risk manager/Chief Risk Officer/risk

committee, economic capital, regulatory capital etc.;

X X

Economics Of Risk Treatment Knowledge and competence to provide top management

with basis for decision making on risk treatment based on

economics of risk management (scenario analysis based on

impact, probabilities and expected (opportunity) cost of

avoidance, reduction, retention or transfer)

X

TOPIC 2: Types of Risk Treatment/Response


Level (X)

Advanced

Level (X)

Risk Response Tolerate, treat, transfer or terminate X X

TOPIC 3: Risk Control Techniques: Loss Prevention, Claims Management and opportunities


Level (X)

Advanced

Level (X)

Risk Avoidance Understanding techniques of risk avoidance and evaluationof eventual opportunity cost/profit

X X

Risk Mitigation/Preventive Techniques Understanding purpose and contents of policies,

programmes to address hazards, importance and approach

to structuring the responsibilities

X X


27/40

27


Loss Reduction Techniques Knowledge of operations management and competence to

assess opportunity in lateral approach control of

infrastructure risks (health & safety at work, natural

hazards, property fire protection, IT security, HR risks),

control of reputational risks brand protection,

environment), control of marketplace risks (technology

developments, regulatory risks)

X

Separation, Diversification And Duplication

Techniques

Understanding the tools and risk situations in which they

can be successfully appliedX

TOPIC 4: General /Financial Risk-Related Controls


Level (X)

Advanced

Level (X)

Limit Setting VaR, credit limits, Altman Z Score (and other models),

concentration indices, etc.X

Control Set-Up Control framework, techniques, necessity of predefined

criteria, monitoring frequency, etc.X

Others Fraud control

Historical liabilities (exposure to asbestos, related to

pension funds,

X

TOPIC 5: Business Continuity Management: emergency and crisis management


Level (X)

Advanced

Level (X)

Business Continuity (definition) Understanding emergency and crisis management concepts X

Disaster Recovery (definition) Policies, pre-disaster protection and mitigation measures,

continuity of operations planning, post-disaster response

and recovery elements of continuity planning, etc.

X

Business Impact Analyses, Recovery Strategies

And Business Continuity Plans

Competence to outline BC/DR planX

Testing, Training And Awareness Programmes Competence to outline the main contents of defined

programmes given a companys size, industry etc. X

Communication and Crisis Management

Programmes

Competence to outline the main contents of defined

programmes given a companys size, industry etc. X

TOPIC 6: Other Techniques


28/40

28



Level (X)

Advanced

Level (X)

National Associations Tools Other techniques X


BRIGHAM, EUGENE F. (2011), Fundamentals of Financial Management, The Dryden Press, 7th

edition (topic 3)

BRIGHAM, EUGENE F. (2012), Intermediate Financial Management, The Dryden Press, 11th

edition (topic 3)

CROUHY, MICHEL (2001), Risk Management, McGraw-Hill, 2nd

edition (topic 1, 5, 6)

GREGORY, JON (2010), Counterparty Credit Risk, John Wiley & Sons Ltd., 1st

edition (topic 4)

SERVIGNY, ARNAUD DE (2004), Measuring and Managing Credit Risk, McGraw-Hill, 1st

edition (topic 4)


edition

(topic 4)

HEIZER, JAY (2013), Operations Management, Pearson, 11th

edition (topic 3)

COSO ERM, COSO Thought paper on Risk Appetite, IRM Risk Appetite &Tolerance Guidance Paper

HOPKIN PAUL (2010), Fundamentals of Risk Management p.420

Pollution prevention & Control downloadable from www.bookboon.com

Block 04: Risk Treatment II

TOPIC 1: Risk Financing Techniques


Level (X)

Advanced

Level (X)

Risk Retention Understanding risk absorption provisions, economic &

regulatory capital, captive insurance concepts & their

economics

X X

Risk Transfer Understanding the use of financial derivatives & markets,

(re)insurance covers, naturalhedgeX X

Other Risk Financing Techniques SecuritisationX

TOPIC 2: Insurance Sector


29/40

29



Level (X)

Advanced

Level (X)

Insurance Market Understanding the mechanics and organisation of insurance

sector; understanding insurance sector risk transfer products

Knowing the main actors (brokers, insurers, insurance industry

network)

X X

Insurance Programs Local vs. international insurance programs & regulatory

perspective/influence, master insurance policies vs. local

policies, choice of right insurance mix - optimal (international)

coverage, claims management, etc.

X X

International Insurance Legislations and

Regulations

Particularities in insurance policies, coverage & claims

management under general legislative approaches (e.g. Anglo-

Saxon vs. Continental Law); particularities in liability insurance,

etc.. compliance in international insurance programs

X

National Legislations and Regulations Knowledge of national insurance sector, market/solutions and

particularities, etc.X

TOPIC 3: Insurance


Level (X)

Advanced

Level (X)

Types Of Insurance Cover Broad knowledge of types of insurance: property, liability,

marineX X

Premium Knowing how the premium is calculated, revised, taxedX X

Deductibles Rationale for deductibles for insurer and the insured

(economics & scenario analysis of deductibles based on

mathematical probability (market/company) including analysis

of historical data/time series of cases.

X X

Material Contractual Obligations Knowledge of key legal principles and obligations with which

the insured should be familiar X X

TOPIC 4: Reinsurance


Level (X)

Advanced

Level (X)

Reinsurance Definition X X

Reinsurance MarketUnderstanding the structure and operations of reinsurance

X


30/40

30


market, parties involved, functioning of captive (re)insurance

companies

Classifications Proportional and non-proportional(per-risk, per-event & stop-

loss cover).X

New Reinsurance Techniques X

TOPIC 5: Captive (Re) Insurance Companies


Level (X)

Advanced

Level (X)

Captive Definition X X

Classification Knowledge of captive insurance principles and possibilities

(single parent, association, industry captive, rent-a-captive, cell

captives, etc.)

X

Organisations & applications Knowledge of legal/regulatory and tax aspects of captives. X

Captives as risk retention and risk transfer

tool

Understanding rationale, economics and mechanics of captive

insurance companies

X

TOPIC 6: Alternative Risk Transfer


Level (X)

Advanced

Level (X)

Standard Methods Understanding the mechanics and organisation of financial

sector; understanding financial sector risk transfer products,

options, bonds

X X

Alternative Risk Transfer (ART) Methods Catastrophe bonds, reinsurance sidecars, industry loss

warranties; financial derivatives, etc.X

TOPIC 7: International Insurance Market


Level (X)

Advanced

Level (X)

Structure And Organization Of

International Insurance Market

Parties involved importance, governance, regulation, etcX X

International Programs Products, insurance policies, claims management, etc. X


31/40

31



BAWCUTT, PAUL (1997), Captive Insurance Companies: Establishment, Operation and Management,

Witherby & Co Ltd, 4th

edition (topic 4, 5)

BRIGHAM, EUGENE F. (2011), Fundamentals of Financial Management, The Dryden Press, 7th edition (topic

6)

BRIGHAM, EUGENE F. (2012), Intermediate Financial Management, The Dryden Press, 11th edition (topic 6)

CARTER, ROBERT.L (1991), Principles Of Reinsurance, Practice Of Reinsurance, The Reinsurance Market, The

Chartered Insurance Institute Tuition Service

Block 05: Risk Communication, Monitoring & Review

TOPIC 1: Risk Culture and the Human Factor


Level (X)

Advanced

Level (X)

Risk Communication & Review Definitions X X

Risk Culture Definition Know and understand the importance of risk culture for an

effective risk management and the soft factors are even

more important than the hard ones.

Understand that walk the talk is critical for a legitimate and

trustful risk culture.

That risk culture is the effect of long-term work; slowly built

up but quickly destroyed.

X X

Risk Culture Criteria Able to define criteria of risk culture.

To know that soft factors like risk culture can be audited

and verified.

X

X

Give examples of synonyms to risk culture = control

environment and corporate culture

X

TOPIC 2: Corporate Social Responsibility


Level (X)

Advanced

Level (X)


32/40

32


CSR (corporate social responsibility)

Definition

Corporate self-regulation within the business model,

embracing responsibility for corporate actions to all

stakeholders

X

COSO Demystifying sustainability risks. Know and understand the connection and context of

internal and external risks, the growing weight stakeholders

put on sustainability risks.

X

Standards 3 lines of defence, CSR vs corporate governance X

TOPIC 3: Communication, Consultation, Corporate Governance & Role of the Board


Level (X)

Advanced

Level (X)

Definitions X X

Communication Communication and consultation with external and internalstakeholders should take place during all stages of the risk

management process.

It is important to develop (educate) Board members. To give to

this the key significance - continuous learning for RM

stakeholders and key users, sound increase in RM

professionalism within the Board. Board is the key client and

they are strongly expected to be an Educated Client - ready and

able for dialogue about RM system development, not just

"passive" report consumers.

Communication for business lines and company employees:

tools, eLearning

Board shall be able and ready to have dialogue with the risk

managers to define, develop and practically pose tasks,

requirements and challenge for RM function; select format and

size of the system; select tools and instruments relevant for

particular company, etc.

X

Consultation Learn which responsibilities Board directors have and which

questions directors should ask re risk oversight, objectives of

ERM, effectiveness of Managements RM process (with

adequate resources) capacity and appetite for risk, portfolio

and consolidation of risks, reporting (adequacy and timeliness)

X

Plans For Communications Therefore, plans for communication and consultation should be

developed at an early stage. X

Stakeholders Definition Who are the stakeholders?X X


33/40

33


Relations With Stakeholders Communication and consultation with stakeholders is important

as they make judgements about risk based on their perceptions

of risk. Communication and consultation should facilitate

truthful, relevant, accurate and understandable exchanges

of information, taking into account confidential and personal

integrity aspects.

Cognitive biases various studies very definitively suggest thatcognitive biases play a significant role in human ability to

correctly identify, assess and mitigate risks. Within risk

managers activities needs to be big deal of adequate coverage

of significant cognitive biases and steps to overcoming them.

X

Communications With Stakeholders Know how to differentiate risk communication for different

stakeholders, types of risks, Understand the differences of risk

perception and the importance of timing of risk

communication.

X

Conditions Risk Managers role is to facilitate, advice, co-ordinate the

RM-process.

Lines of responsibilities/defence. Separation of duties.

Dualities. All necessary for effective Governance and

Controls.

X

X

To understand that the Board has the ultimate responsibility

of Risk Oversight but that all risk owners are responsible for

their risk management.

X

TOPIC 4: Risk Management Information Systems


Level (X)

Advanced

Level (X)

Risk Management Information Systems Know the important Risk Management information Systems

on the market and their main features. If needed build your

own RMIS

Forrester and Gartner surveys.

X

TOPIC 5: Risk Monitoring


Level (X)

Advanced

Level (X)

Risk Monitoring The risk monitoring can be applied in sequence:

- Basic qualitative risk analysis techniques

(likelihood x consequences) is applicable by all

organizations

- Intermediate tools like bow-tie analysis and other

X


34/40

34


semi-quantitative techniques should be applied to

high risks assessed.

- Advanced steps like risk modelling and quantitative

techniques should be applied to only significant

risks.

KPI/ limit indicators

Internal Control Self-Assessment (ICSA) Self-control and Self-assessment shall be recognized as

ones but exhaustive risk identification techniques.X

TOPIC 6: Risk Review


Level (X)

Advanced

Level (X)

Efficiency (general) Top priority starting points - Strategic planning, business

planning, budgeting. Risk assessments must beincorporated into strategy setting and business planning.

Budgets should be agreed and signed off only after a risk

assessment has been undertaken and results taken into

account.

X

Efficiency For Board Members Risk assessment should be integral to any significant

management or investment decision. There should not be

stand-alone risk assessment, but integrated into any

material decisions, where decision should be considered

only after proper risk analysis has been undertaken. The

level and complexity of risk analysis should be aligned with

the risk appetite and the value of the decision.

X

Risk Indicators Management reporting should include key strategic goals

and KPIs@Risk. Risk reporting should also be aligned with

performance management and employee remuneration.

Those indicators should be inbuilt into existing business

processes and should not exist on their own.

X

TOPIC 7: Risk Assurance


Level (X)

Advanced

Level (X)

Internal Audit IT & Project Assurance Process assurance X

TOPIC 8: Risk Reporting

CHAPTER LEARNING OUTCOME Passport Advanced


35/40

35


Level (X) Level (X)

Internal Reporting Definition Internal risk reporting is the crucial matter in developing

risk culture across an organization: communication risks in

understandable, comprehensive, analytical yet practical

format would in the best way serve to risk culture

development.

Effective communication shall take in consideration general

readiness of the users (audience):

- avoid too much sophisticated format that would

be not understood;

- avoid too much general description of risks that

would not tell much practical information.

X X

Internal Reporting Tools Risk managers shall always understand that the higher is

the level of corporate risk information users the more

aggregated and analytical risk report shall be.

Risk reporting for internal users is expected to satisfy to

certain requirements:

- to provide clear basis for decision-making;

- to take into account risk perceptions by

information users;

to take into account objectives and interests of users.

X

External Reporting Not entire risks shall be communicated externally but

comprehensive information on risk management system inplace within the organization.

Agency theory concerned with so-called agency conflicts

(conflicts of interest) between agents and principals in

agency relationships: (a) between shareholders and

managers and (b) between debt-holders and shareholders.

X

Communication, Coordination & Writing A

Report

Risk reporting shall satisfy to certain criteria:

- consequent and comparable information and

format;

- regular;

- influence, results and outcomes from activities

done to influence either risk probability or risk

impact shall be always indicated;

- risk information shall be addressed at the right

level of competence - decision-making (corporate

X


36/40

36


governance) power relevant to risk significance;

- good balance between quantitative and qualitative

risk information shall be targeted;

- risk report format shall be comprehensive for

users, other reporting lines and streams within theorganization shall be certainly taken into account

and coordinated with.


BRECK, THOMAS, Types Of Risk And Types Of Communication

Technology and Market Research: surveys from FORRESTER RESEARCH, GARTNER


edition (topic 9)

International Accounting Standards (topic 9)

ISO 3100 points 5.2, 5.3, 5.6 and 5.7.

COSO Integrated Framework May 2013, Thought Paper Feb 2014, Risk Culture

IRM/Protiviti 2012, Understanding and Communicating Risk Appetite COSO 2012.

GRI Sustainability Reporting Guidelines 2013,

Forrester Wave Q4 2011, Gartner Magic Quadrant.

ISO 2600, UN Global Compact, COM 2011 681, OECD Guidelines, ec.europe.eu, Stakeholder model

Block 06: Specific Risk Management Topics

TOPIC 1: Operational Risk Management


Level (X)

Advanced

Level (X)

Operational Risk Management - Definition

Operational Risk Management In Industry Analysing risks loss protection & prevention loss

mitigation solutions in different kinds of risks (property- X


37/40

37


liability, transport, credit )

Definition and classification of operational risks offered by

GARP

Relationships of three operational risks components:

- technology development;

- business-processes and organizational

development (incl. internal control);

- human resources development (soft factors shall

be strongly taken into consideration, such as

moral hazard, cognitive biases, institutional

theory).

Concept Layers of Cheese and organizational (corporate)

pathogens by J. Reason

Operational Risk Management In Finance + Regulatory treatment of operational risk under Basel II &

IIIoperational risk in various financial institutionsX

TOPIC 2: Supply Chain Risk Management


Level (X)

Advanced

Level (X)

Logistics Management An integrated and comprehensive treatment of logistics

and supply chain management: how firms must logically

link with their supply chain partners in order to gain a

market advantage.

Major economic trends which fundamentally influenced

the supply chain processes are: ongoing advances in IT-

management, increasing cost pressure, underlining the

role of quality management and customer satisfaction.

Also, the increasing focus on core activities causes large,

often worldwide networks for supply, production and

distribution.

X

Supply Chain Risk Management Global supply chains face a multitude of risks; review

structured and systematic approaches for assessing risks in

supply chains

Including logistics, supply chain management, operations

management, strategy, and international business - to

develop a model of global supply chain risk management.

Interconnections between plants, difficulty to calculate the

consolidated margin to declare. Evaluate insurance

response.

X


38/40

38


TOPIC 3: Incident and Claims Management


Level (X)

Advanced

Level (X)

Data Base Management Databases are part of many business applications.Therefore it is necessary for a computer scientist to gain

insight into the technology, the design and the use of

databases. Since the relational database model is the most

widely used model, it is studied quite thoroughly.

X

Claims Management Practical working knowledge of handling claims: claims

practices, fraud issues

Description of the main actors involved (brokers, experts,

lawyers, insurers)

Key legal points: deductible, limits, value

X

TOPIC 4: Portfolio, Programs and Project Risk Management


Level (X)

Advanced

Level (X)

Project Management With Focus On Risk Project management can be applied to all kinds of

projects, from ICT projects to construction projects, to all

kinds of other projects. Fundamental ideas of project

management: time, resources, cash, quality, etc. Important

to learn planning techniques and many other techniques

that can be applied in project management.

Additional issue, especially for international projects, shall

be compliance risks management, where regulatory

landscape in other countries / locations can differ

substantially from the ones from where the project (and

the team) is originated.

X

TOPIC 5: Mergers & Acquisitions


Level (X)

Advanced

Level (X)


39/40

39


M&As And Corporate Strategy Mapping the path to optimise your portfolio

Cooperate in Due diligence process

Define an optimal portfolio of businesses, as well as the

right mix of internal and external growth of businesses

Design a post-M&A integration approach that fits strategic

& risk objectives, while also taking into account humanconstraints;

Differences in corporate Risk cultures

Integrates from an insurance point of view: cancellation of

the existing policies, D&O

Description of insurance products to solve a problem in an

M&A deals (legal issue, pollution, liability guarantee)

X

TOPIC 6: Business Continuity: Emergency & Crisis Management


Level (X)

Advanced

Level (X)

Business Continuity Management Learn to embed BCP in the organizational culture:

identifying a crisis situation

deciding how and when to respond

communicating both internally and externally

leading and directing the recovery process

contents of the ISO 22301 standard for BCMS

(Business Continuity Management Systems)

X

Disaster Recovery Management Key concepts of developing business continuity and

disaster recovery strategies, design and implementation of

DR plans, and preparing and conducting awareness and

training programmes

X

TOPIC 7: Emerging and Future Risks


Level (X)

Advanced

Level (X)

Emerging & Future Risks Climate change, nanotechnologies, robotics, wearable

devicesX

TOPIC 8: Other Topics


Level (X)

Advanced

Level (X)


40/40

Regional Specific Topics X

BIBLIOGRAPHY, READING, LEARNING MATERIALS

OLSSON CARL (2002),Risk Management In Emerging Markets: How To Survive And Prosper, PearsonEducation Limited

KVINT VLADIMIR (2009) The Global Emerging Market: Strategic Management and Economics? Routledge

PROTIVITI AND NC TATE UNIVERSITTYS ERM INITIATIVE, Executive Perspectives on Top Risks for 2014

(Key issues discussed in the boardroom and the C-suite Research)

REASON, J. (1990) Human Error, Cambridge: University Press, Cambridge

IRM, Extended Enterprise: Managing risk in complex 21st century organisations

Websites:

www.erisks.comrisk related site with up to date news on trends and issues in risk management.

www.iif.compublishes country and regional reports on various emerging market countries.

www.economist.comcontains articles and archive material from The Economist including country

surveys.Foundations of Banking Risk (http://www.garp.org)

Concept Layers of Cheese and organizational (corporate) pathogens by J. Reason:

http://wikibin.org/articles/corporate-pathogens.html

Global Risks (Annual) a Global Risk Network Report of the World Economic Forum

Articles on supply chain risk management

Business case: Ericsson's proactive supply chain risk management approach after a serious sub-

supplier accident

Basel I, II, III

ISACA papers: (IT Assurance Framework (ITAF); COBIT 4.1; COBIT 5; Val IT; Risk IT)

PMBOK
http://www.erisks.com/http://www.erisks.com/http://www.iif.com/http://www.iif.com/http://www.economist.com/http://www.economist.com/http://www.garp.org/http://www.garp.org/http://www.garp.org/http://wikibin.org/articles/corporate-pathogens.htmlhttp://wikibin.org/articles/corporate-pathogens.htmlhttp://wikibin.org/articles/corporate-pathogens.htmlhttp://www.garp.org/http://www.economist.com/http://www.iif.com/http://www.erisks.com/

Documents

Certification Programme Knowledge Only v1