Show as: Mobile

Auditing the Enterprise Risk Management Process - UK-OAR341

ACI Learning
Course summary
2,395 USD excl. VAT
Online courses
Professional Training

Auditing the Enterprise Risk Management Process - UK-OAR341

Auditing the Enterprise Risk Management Process - UK-OAR341

This course covers traditional and alternative ERM methods, structures, and tools for establishing a risk management program. You will learn about the essential ingredients and why they are critical, and how an oversight tool should work.

If you want to find out more about Auditing the Enterprise Risk Management Process - UK-OAR341, you can make an information request below and the school will contact you with further information.

Suitability - Who should attend?

Audit directors and managers, risk officers, internal and external auditors, information technology auditors, and operations managers


  • Risk School (OAR321) or equivalent risk assessment experience

Outcome / Qualification etc.

Completion of this course is worth 24 CPE Credits

Training Course Content

You will learn the characteristics and functionality of effective ERM programs, and how auditors can evaluate the risk management process.


Defining the Key Components of ERM and the History of Same

  • the original 2004 COSO model and its key features that differentiated it from the COSO model
  • the new COSO migration to the more business centric strategy and the ramifications of same
  • other pronouncements and models that have major implications for how ERM is implemented

Structuring an Effective ERM Organization and Framework

  • the risk organizational structure
  • makeup
  • reporting structure
  • process design
  • operating format
  • mapping the organization to determine the natural risk assessment framework
  • methods of developing risk inventories to be used as the baseline for ERM
  • searching for commonalities

A Top-Down Risk-Based Approach to Establishing an ERM Process – Key Components

  • identifying risk events
  • assessing risk, probability, and impact
  • risk responses
  • monitoring the ERM process on an ongoing basis
  • evaluating alternative ERM structures: subjective vs. objective
  • system-centric
  • data-centric
  • determining the data/information inventory that will be the primary indicators of risk in each part of the organization
  • establishing the logical data pathway of the risk data indicators that drive to the root cause of organizational failures
  • designing the responsibility spectrum for risk

Integrating Business Risk and Internal Control

  • the concept of business risk
  • determining the relationship of key business risks and internal controls
  • focusing the strategy on fundamental business process
  • understanding the key attributes of outcome and output and its impact on governance
  • using KRIs as the baseline for process-based oversight

Developing an ERM Audit Process:

  • gaining an understanding of the ERM environment
  • risk assessing the ERM environment
  • focusing the audit and establishing the audit scope
  • determining the audit approach/tools/techniques/strategy
  • defining an effective report format to bring about change

Auditing the ERM Process

  • auditing the risk organizational structure: who, what, where, how and why
  • auditing the risk infrastructure for completeness and coverage
  • auditing the information flow of the ERM environment
  • timeliness
  • accuracy
  • usefulness

Auditing the ERM Process

  • evaluation criteria of success for the ERM
  • evaluating the real-world organizational impact of the ERM process in precluding or minimizing risks
  • auditing areas of special concern in ERM, including outsourcing
  • auditing the maintenance and future strategic initiatives within ERM to keep it current and cutting-edge auditing the

Provider: ACI Learning

ACI Learning

At ACI Learning, we train leaders in Cybersecurity, Audit, and Information Technology. Whether you're starting your IT career, mastering your profession, or developing your team, we're with you every step of the way. We believe that training is not a...

Read more and show all courses with this provider

Request information - obligation free

Fill out your details to find out more about Auditing the Enterprise Risk Management Process - UK-OAR341.

  Contact the provider

  Get more information

  Register your interest

Customer Outreach Award


We believe that it should be easy for you to find and compare training courses. 

Our Customer Outreach Award is presented to trusted providers who are excellent at responding to enquiries, making your search quicker, more efficient and easier, too.

Contact information for ACI Learning

ACI Learning

MIS Training Institute
30 Crown Place
EC2A 4EB London

 Show phone number