Risk Management Specialist, ISO 31000:2018
COURSE OBJECTIVES
- Good understanding of the concept, principles and trends governing risk management and the associated international infrastructure in the current economic and social environment;
- Good understanding of the context in which the integrated management of the organization’s risks operates, of the legal and regulatory requirements, of the standards of good practice applicable to the organizations;
- Knowledge of the requirements of the international standard ISO 31000 and understanding of the integrative role of this international standard in the context of the multitude and diversity of requirements at organizational level regarding risk management;
- Understanding the concepts promoted through the main standards that operate with notions in the field of organizational risk: 22301, 27005, 14001, 45001 etc.
- Understanding the requirements regarding the management of the integrated risk management process within the organization;
- Understanding the requirements regarding the implementation of adequate risk assessment methods (identification, analysis, estimation), regarding the establishment of the evaluation criteria and the acceptability threshold;
- Understanding “4T” Risk Management Requirements: Tolerance, Treatment, Transfer and Termination
- Ability to plan the implementation and management of a risk management system in the organization
Curriculum
- 6 sections
- 61 lessons
- Lifetime
- Module 1 (9 lessons)
- 2.0 Basics of risk management, national and international regulatory framework: Definitions, classifications, standards & codes of good practice, authorities;
- 2.1 The evolution of the risk management concept;
- 2.2 Definitions
- 2.3 History and trends in risk management;
- 2.4 Principles and approaches;
- 2.5 National and international regulatory framework;
- 2.6 National and international authorities and forums (IRM, FERMA, RMA, ISO, ISACA etc.)
- 2.7 Regulations, codes of good practice, standards (31000, 22301, 27005, SOX, BASEL II, COBIT, OCTAVE, CRAMM etc.)
- 2.8 Examples of methods and analysis tools with wide applicability in areas with risk exposure: construction, banking, IT&C, etc.
- Module 2 (5 lessons)
- 3.0 The concept of integrated risk management of the organization
- 3.1 Risk categories that influence the functioning / performance of the organization
- 3.2 Legal requirements applicable to organizations according to the international and national regulatory framework (environment, occupational health and safety, information security, copyright, social responsibility, etc.)
- 3.3 Standards and codes of good practice applicable in organizations as de facto standards (ISO family, BS standards, directives)
- 3.4 Integrated approach to the organization’s risk management requirements
- Module 3 (14 lessons)
- 4.0 International harmonization of risk management requirements through standardization at ISO level, ISO 31000 standard
- 4.1 Principles of risk management
- 4.2 Design of the organizational framework according to SR EN ISO 31000
- 4.3 Establishing policies regarding the organization’s risks
- 4.4 Establishing the organizational structure and responsibilities for risk management
- 4.5 Determining the resources necessary for the implementation and operation of the risk management system
- 4.6 Establishing communication methods
- 4.7 Implementing risk management
- 4.8 Implementing the organizational framework
- 4.9 Implementation of the risk management process
- 4.10 The risk management process
- 4.11 Establishing the organizational context
- 4.12 Risk identification, analysis and estimation (assessment)
- 4.13 Risk management
- Module 4 (6 lessons)
- 5.0 International harmonization of business continuity requirements through standardization at ISO level, ISO 22301 standard, “Business continuity management systems”, in brief
- 5.1 Establishing business continuity management strategies
- 5.2 Risk analysis in business continuity management systems
- 5.3 Planning and documenting continuity management systems
- 5.4 Testing continuity management systems
- 5.5 Continuous monitoring and improvement
- Module 5 (10 lessons)
- 6.0 Risk management in projects according to PMI PMBoK and ISO 21500 standard: “Project management”
- 6.1 Peculiarities in the implementation of risk management in projects
- 6.2 Risk management as a PM process
- 6.3 PM Subprocesses (PMBoK PMI)
- 6.4 Risks versus problems in project management
- 6.5 Risk planning in projects
- 6.6 Responsibility and authority in risk management
- 6.7 Risk management plan
- 6.8 Methods of risk analysis specific to IT&C projects: FRAP, 27005
- 6.9 Construction: IPRA
- Module 6 (17 lessons)
- 7.0 Integrated risk management as an organizational process
- 7.1 Strategic risk management
- 7.2 Risk management and business model
- 7.3 Establishing policies and objectives in the field of risk management
- 7.4 Establishing the organizational architecture (structure) of risks
- 7.5 Creating the organizational culture regarding risk management: training, information, awareness, communication
- 7.6 Creating risk management plans
- 7.7 Operational risk management
- 7.8 Risk management related to operational processes
- 7.9 Integration of “risk nomenclatures”: business continuity, financial losses, loss of information, environment, health and safety at work, social responsibility, etc.
- 7.10 Establishing quantitative / qualitative analysis methods
- 7.11 Establishing the evaluation criteria and the acceptability threshold
- 7.12 Carrying out the risk management process
- 7.13 Risk management, the “4T”: Tolerance, Treatment, Transfer and Termination
- 7.14 Risk measurement and monitoring
- 7.15 Measurement by conformity assessment with internal standards / standards / procedures (internal audit)
- 7.16 Improving the integrated risk management mechanism of the organization.




