Take Charge of Value Creation in Your Organisation
Enterprise Risk Management (ERM) is everyone’s responsibility. Whilst senior management tends to understand this statement, there tends to be some confusion over it at middle and more junior management levels. As a certified Enterprise Risk Advisor, you will be able to take on more responsibilities in your organisation in the area of risk management. You will also have the practical know-how to support the strategic objectives of your organisation through the implementation of ERM.
The ERA® certification builds on the ERT® (Enterprise Risk Technician) program and provides intermediate-level knowledge for those seeking to deepen their expertise in ERM in a holistic way.
To become fully certified, participants will have 3 years to complete all training modules. Registration for individual training modules is also available.
Internal Controls are an important element in any Operational Risk Management process and framework – and accordingly constitutes an important element when conducting any evaluation over the fitness of purpose of an Operational Risk Management process or program. This module encompasses a detailed examination into various options available to Risk Practitioners for evaluating internal controls in relation to the management of Risk. Participants will be guided through various evaluation tools, including Risk Control Self Assessments (“RCSA”) options. The studies entail understanding and applying the various approaches and methodologies including their purpose and design, tools, and their fit into an ERM framework. Participants will be taken through a detailed case study, workshop and exercise over a complete RCSA lifecycle. The module also includes exercises where participants will be given the opportunity to practice the tools and concepts covered in the program.
There are many existing definitions of Corporate Governance (“CG”) and best practice guidelines vary from one international region to another. This program is designed to provide participants with a solid fundamental understanding of the origins, principles, development and current status of CG and CG standards. As a developing ERM practitioner, this program will help you gain the necessary skills and knowledge to utilise and move CG from value preservation activities towards value enhancement activities, principles, processes and concepts in relation to ERM. Participants will be instructed in how the concepts and basics of CG developed, as well as the roles of the various bodies and organisations key in its evolution, application and enforcement. The program includes instruction in effective CG drivers and how to establish, assess, improve and monitor effective CG programs in your organisation. The course provides participants with an overview of CG, its relevance to GRC concepts and how to achieve results through effective implementation of all of the above.
The objectives of this module centers around how to design processes to manage project risk to ensure a winning project team that’s focused on what they need to accomplish and the tools at their disposal. Participants will also learn how to formulate project plans and processes, including risk considerations. The module contains guidance on tools and techniques on how to stay within budget as well as how to establish a robust plan with deadlines and track their progress at every stage.
In this age of increasing cybersecurity threats, what is required is a prioritized, flexible, repeatable, performance based, and cost-effective approach. This includes information security measures and controls – especially over critical infrastructure – to help organisations identify, assess, and manage cyber risks. Management and risk managers should focus on using business drivers to guide cybersecurity activities and considering cybersecurity risks as part of the organization’s risk management processes. At the core of this program is a set of cybersecurity activities, outcomes, and informative references that are common across sectors and critical infrastructure which organisations should bear in mind. The Framework taught enables organizations – regardless of size, degree of cybersecurity risk, or cybersecurity sophistication – to apply the principles and best practices of risk management to improve security and resilience. The program teaches a flexible way to address cybersecurity, including cybersecurity’s effect on physical, cyber, and people dimensions. It is applicable to organizations relying on technology, whether their cybersecurity focus is primarily on information technology (IT), industrial control systems (ICS), cyber-physical systems (CPS), or connected devices more generally, including the Internet of Things (IoT). This can assist organizations in addressing cybersecurity as it affects the privacy of customers, employees, and other parties. The framework taught is not a one–size– fits–all approach: Organization can customize practices, activities and prioritize investments to maximize the impact of each dollar spent.
Only applicable to those seeking a full certification. There are no eligibility requirements for individual modules.
A degree-holder (or its equivalent, and above) with at least 1.5 years relevant working experience OR a non-degree holder with at least 7 years relevant working experience
- Internal Audit and Assurance professionals
- C-Level executives and head of departments who are decision-makers in their organisations
- Risk management professionals
- Non-risk management professionals working in Corporate Planning, Strategy, Governance, Compliance, Operations, Investment, Treasury, Product Development, Regulators, Legal, Quality, Environmental Health & Safety, Project Management, Insurance, Underwriting, and other related areas.
To become fully certified, participants will be assessed based on the following criteria:
- Attendance and participation in class
- Multiple choice examination