Risk Management Leaders Forum Agenda

08:30

09:00

09:10

  • Understanding emerging threats within the digital landscape
  • Implementing tools to identify and respond to risks
  • Cyber risk as an opportunity to improve risk management

09:40

  • Assessing the current state of risk culture in an organisation
  • Role of the executive in corporate governance
  • Integrating risk culture at every level of an organisation

10:20

10:50

11:20

  • Ensuring boards understand risk’s effect on business strategy
  • Risk as a tool for business performance management and driving growth
  • Cultivating risk expertise at the board level

11:40

  • Auditing an organisation’s risk management and risk control framework
  • Identifying and evaluating emerging risks
  • Ensuring the integrity of the internal audit function

12:00

  • Identifying the responsible authorities for a BCM plan
  • Ensuring availability of critical services during times of disruption
  • Reviewing, testing and updating business continuity plans

12:20

  • Strategies for addressing the most challenging principles: ‘right to erasure’, ‘data protection by design and by default’ and ‘records of processing activities’
  • Understand the available compliance tools

12:40

01:40

  • Moving from an annual risk assessment to real time risk monitoring 
  • Evolving cyber practices to better fit with risk management frameworks 
  • How the cyber threat makes the difference between resilience and recoverability more important 

02:20

To learn more about sponsorship opportunities and how to get involved in facilitating the interactive roundtable sessions, contact Jacob Almond at jacob.almond@aventedge.com.
Roundtable A: Identifying and managing cybersecurity risks
Roundtable B: Managing and mitigating your organisation’s conduct risk
Roundtable C: Conducting risk assessments around disruptive technologies

03:10

03:40

  • Understanding exposure to operational risk
  • Implementing processes to manage operational risk
  • Ongoing monitoring and reporting on the effectiveness of ORM tools and processes

04:00

  • Designing an effective compliance risk assessment
  • Developing corporate strategies to manage regulatory requirements
  • Lessons from the Royal Commission

04:20

04:30

08:30

09:00

09:10

  • Impact of digital transformation on enterprise risk
  • Impact of ISO 31000 on your organisation
  • Keeping up with emerging technologies

09:40

  • Assessing the current state of risk culture in an organisation
  • Role of the executive in corporate governance
  • Integrating risk culture at every level of an organisation

10:20

10:50

11:10

  • Ensuring boards understand risk’s effect on business strategy
  • Risk as a tool for business performance management and driving growth
  • Cultivating risk expertise at the board level

11:40

  • A broader perspective for optimal risk strategy
  • Searching outside your organisation for the risks that matter
  • Engaging partners to enhance risk mitigation

12:10

  • Adopting a strategic approach to reputational risk management
  • Establishing a crisis response program
  • Managing customer expectations

12:40

01:40

  • Strategies for addressing the most challenging principles: ‘right to erasure’, ‘data protection by design and default’ and ‘records of processing activities’
  • Understand the available compliance tools: Documentation of data-collection policies, code of conduct and third-party audits and assessments

02:00

  • Understanding resilience and the impacts disruption can have on your organisation 
  • The principles of resilience and how it applies to your organisation
  • Developing and implementing resilience into an organisation

02:30

Roundtable A: Identifying and managing cybersecurity risks
Roundtable B: Managing and mitigating your organisation’s conduct risk
Roundtable C: Conducting risk assessments around disruptive technologies

03:30

03:50

  • Defining business-critical processes in the organisation and assessing their technical risk
  • Developing an effective IT risk management framework and communicating it to relevant stakeholders
  • Ensuring continuity of critical functions during and after IT disruptions

04:30

  • Designing an effective compliance risk assessment
  • Developing corporate strategies to manage regulatory requirements
  • Lessons from the Royal Commission

04:50

05:00

Melbourne | Workshop | Friday 31 August 2018
9 am – 5 pm 

Risk management in plain language 

 
Overview

In this hands-on workshop, we will follow the AS/NZS 31000 risk management standard, but avoid arcane ‘risk speak’. Using simple terms and concepts, with many real examples and exercises, we will demonstrate how risk management can easily become an integral part of any decision-making process.
 

What will you learn

We will consider, in turn, each of the formal steps of the risk management process that:
  • Involve people who can and must contribute to a decision
  • Define and appreciate the assumptions being made
  • Test those assumptions by postulating scenarios in terms of what could happen and the potential implications for an organisation’s objectives
  • Understand the uncertainties involved
  • Decide how much uncertainty is acceptable and, therefore, how greater certainty could be obtained
  • Monitor outcomes and any assumptions made to ensure decisions remain valid
We will also address some current jargon like ‘risk appetite’, ‘risk registers’ and ‘key risk indicators’ to see what they really mean. We will examine how they can be translated into rational concepts and practical applications that can be used to aid rather than hinder organisational performance.
Finally, we will deal with the vexed problem of how you ‘integrate’ risk management, and how easy that is to achieve when approached in a straightforward way.

Agenda

 
8:30 Registration and coffee
 
Session 1: 9:00-10:00
Foundations
  • The concept of risk and its management
  • Making decisions and resolving uncertainty
  • What successful organisations look like
  • The ISO 31000 risk management process
  • An alternative, simple language process
  • Obtaining certainty
 
Session 2: 10:00-10:30
Involving people
  • Who are they and why involve them?
  • Stakeholder analysis
  • Planning involvement
  • Exercise
 
10:30 Morning break
 
Session 3: 10:30-11:30
Defining assumptions, objectives and scope
  • Defining assumptions about the external and internal environment
  • Structuring our conversations and thoughts
  • Exercise
 
Session 4: 11:30-12:30
Discovering uncertainty
  • Postulating scenarios (‘risks’) to test our assumptions
  • Forms of discussion
  • Methods 
  • Exercise
 
12:30 Networking Lunch
 
Session 5: 1:30-2:30
Understanding uncertainty
  • What does this mean in practice?
  • The effect of modifiers (controls)
  • Developing your own criteria – exercise
 
Session 6: 2:30-3:30
Evaluating and modifying uncertainty
  • What do risk appetite and risk tolerance really mean?
  • Testing options
  • Costs and benefits
  • Exercise
 
3:30 Afternoon tea
 
Session 7: 3:45-4:30
Monitoring and reviewing
  • Ensuring decisions remain valid
  • Monitoring and, separately, reviewing key controls
  • What Key Risk Indicators really are, and how to develop and use them
 
Session 8: 4:30-5:00
Integration into decision making
  • Isn’t your risk management already integrated?
  • Barriers to integration and effectiveness
  • Strategies to support integration
 
5:00 End of Workshop

Workshop Leader

 
Dr Dale F Cooper, Director
Broadleaf Capital International
 
Dale Cooper has over 40 years’ experience as a senior line manager and an international consultant. He established Broadleaf Capital International in 1991. Broadleaf provides high-level assistance and advice on all aspects of risk management, including the development and implementation of corporate risk management processes, qualitative and quantitative risk assessments, independent peer reviews and risk management training, for many large public and private sector clients in Australasia and overseas. 
 
Dale Cooper is a member of the Standards Australia Joint Technical Committee OB-007 that developed the Standard for Risk Management AS/NZS 4360 (the precursor to ISO 31000), and a Nominated Expert on IEC Technical Committee 56. He has been the independent Chairman of two Audit and Risk Committees and an independent member of two others. He is currently an independent member of the Audit and Risk Committee for the NSW Office of Environment and Heritage.