MODULES

The five modules of the PA-CRP have been selected to ensure that the topics covered represents the professional knowledge and competences required by risk and insurance managers in today’s dynamic and complex world.

MODULE 1
Introduction to Risk Management

MODULE 2
Integrated Risk Management

MODULE 3
Operational Risk Management

MODULE 4
Risk Treatment & Financing Practices

MODULE 5
Risk Management Framework & Documentation

The joint collaboration between PARIMA and ANZIIF represents two not-for-profit associations coming together to improve the community standards of risk and insurance management.

Successful candidates will be equipped with the fundamentals of risk management and be able to integrate and operationalise risk management into their organisations.

MODULE 1

Introduction to Risk Management

This module tackles the theory, concepts and processes of risk management. It covers the broad areas and provides a good foundation for each of the general aspects of risk management. It also outlines the risk management policy and framework and gives an in-depth breakdown of the five phases of the risk management process.

Part 1: The Theory and Practice of Risk Management

Outlines the risk management policy and framework, which form the foundations of the risk management process. Learning outcomes: Upon completing this section, the student should be able to:
  • Define a risk management framework
  • Describe the contents of a risk management framework
  • Recall some of the required steps in the successful implementation of risk management
  • Recall the five major steps of the risk management process
Provides an introduction and overview to the theory of risk management and begins to identify how the theory is applied in a practical context. This section also describes the evolution of risk and risk management, as well as the current state of risk management as a discipline. Learning outcomes: Upon completing this section, the student should be able to:
  • Define risk and risk management
  • describe the principle of risk and risk management
  • Describe related risk management standards

Part 2: The Risk Management Process

Provides an introduction and overview to the theory of risk management and begins to identify how the theory is applied in a practical context. This section also describes the evolution of risk and risk management, as well as the current state of risk management as a discipline. Learning outcomes: Upon completing this section, the student should be able to:
  • Describe the benefits of effective risk management communication
  • Recall examples of internal and external stakeholders
  • Distinguish between internal and external stakeholder risk management tasks.
This section provides you with an overview of establishing the context, the second step in the risk management process. This step involves defining the strategic, organizational and risk management contexts of an organization. Learning outcomes: Upon completing this section, the student should be able to:
  • Describe what it means for an organization to establish a risk management context
  • Define the key elements of the risk management context
  • Describe the benefits of establishing the risk management context
  • Define and provide examples of external and internal context factors
This section describes risk assessment, the next phase in the risk management process and focuses on the first step – identify risks. Learning outcomes: Upon completing this section, the student should be able to:
  • Define risk assessment
  • Describe the purpose and benefits of risk assessment
  • Recall the three steps of risk assessment
  • Define risk identification
  • Define a risk exposure
  • Describe the four characteristics of risk exposures
  • Describe the risk identification techniques you can use to obtain the following information: – historical data – theoretical analysis – informed and expert opinions/stakeholder needs
  • Describe the risk register
This section describes risk analysis, which is the next step in the risk management process. Learning outcomes: Upon completing this section, the student should be able to:
  • Define risk assessment
  • Describe the purpose and benefits of risk assessment
  • Recall the three steps of risk assessment
  • Define risk identification
  • Define a risk exposure
  • Describe the four characteristics of risk exposures
  • Describe the risk identification techniques you can use to obtain the following information: – historical data – theoretical analysis – informed and expert opinions/stakeholder needs
  • Describe the risk register
This section describes risk evaluation – the final step in the risk assessment sub-process. Learning outcomes: Upon completing this section, the student should be able to:
  • Define risk evaluation
  • Describe the purpose of risk evaluation
  • Describe the benefits of risk hierarchies
  • Describe the relationship between risk exposure evaluation and an organisation’s risk appetite
  • Describe the importance of having comprehensive information in calculating the likelihood and consequence of a risk exposure
  • Recall some of the practical considerations affecting the ranking of relative sizes of risks.
This section describes risk evaluation – the final step in the risk assessment sub-process. Learning outcomes: Upon completing this section, the student should be able to:
  • Define risk treatment
  • Recall approaches an organization can take if a risk is at an unacceptable level
  • Describe the cost trade-offs of treating risk exposures
  • Describe the following two types of risk sharing: – Risk control – Risk financing
  • Recall examples of risk treatment activities
  • Describe the two phases of establishing and implementing a risk management treatment process
  • Describe the objectives of risk treatments/controls
  • Evaluate the effectiveness of existing risk treatments/controls
This section provides an overview of the monitoring and review process. Learning outcomes: Upon completing this section, the student should be able to:
  • Define risk treatment
  • Recall approaches an organization can take if a risk is at an unacceptable level
  • Describe the cost trade-offs of treating risk exposures
  • Describe the following two types of risk sharing: – Risk control – Risk financing
  • Recall examples of risk treatment activities
  • Describe the two phases of establishing and implementing a risk management treatment process
  • Describe the objectives of risk treatments/controls
  • Evaluate the effectiveness of existing risk treatments/controls

MODULE 2

Integrated Risk Management

This module aims to develop students’ knowledge and skills in integrating Risk Management across the whole organisation. More specifically, this module explores the link between developing an effective organisational framework for the management of risk and on organisation’s strategic planning, aims and management.

Integrated Risk Management is divided into eight sections:

This section highlights the need for integrated management and explores its relationship with risk management. Learning outcomes: Upon completing this section, the student should be able to:
  • Recall some ways modern organizations can compete more effectively in the marketplace
  • Describe the disadvantages of a silo-based approach to risk management
  • Define integrated risk management
  • State some of the drivers behind organizations beginning to integrate the management of risk
  • Describe the benefits of integrated risk management
  • Describe the aim of integration
  • Describe the role of good corporate governance
  • Identify the relationship between corporate governance and effective management
  • Recall some of the Australian Securities Exchange’s (ASX’s) principles of good corporate governance
  • Define the purpose of the corporate governance framework
  • Categorize organizational activities according to the three levels of formalization in risk management
  • Distinguish between formal and informal risk management
This section discusses the importance of leaders and managers tasked with championing integrated risk management across the management system. Learning outcomes: Upon completing this section, the student should be able to:
  • Distinguish between traditional and modern management models
  • State the traditional and revised definitions of effective management
  • Distinguish between the role of operational and strategic management
  • State the primary role of management
  • Describe systems theory and contingency theory
  • Recall the formula for organizational survival
  • Distinguish between leadership and management
  • Describe the purpose and responsibilities of a frontline or line manager
This section describes the importance of strategic management in helping to steer the organization along a path of growth and success. The section explains 1) the importance of strategic planning in achieving effective management, 2) the role of risk management at the strategic level, 3) how to integrate risk management within the strategic planning and management process and 4) the development of a robust risk management framework. Learning outcomes: Upon completing this section, the student should be able to:
  • Outline the management process
  • Recall the four functional components of the management process, including their purpose
  • Order the five key stages in the planning process
  • Describe the five functional elements of organizing Identify additional factors which influence leadership in the management process
  • Define a risk management implementation plan
  • Describe how organizations can map the implementation of the risk management implementation plan against the four functional components of the management process.
This section explores the practical applications of management principles, philosophies and processes. It also describes the application of the management process in the management of risk. Finally, this section describes the application of the management process in the management of risk, including establishing 1) a risk management plan, 2) a risk management implementation plan, and 3) an integrated risk management framework. Learning outcomes: Upon completing this section, the student should be able to:
  • Outline the management process
  • Recall the four functional components of the management process, including their purpose
  • Order the five key stages in the planning process
  • Describe the five functional elements of organizing
  • Identify additional factors which influence leadership in the management process
  • Define a risk management implementation plan
  • Describe how organizations can map the implementation of the risk management implementation plan against the four functional components of the management process.
This section explores the importance of decision-making and describes the principles underpinning each decision type. It also explores the role of decision-making as a key component in the risk management process. Finally, this section describes how senior management determines the level of the organization which should make decisions about the management of particular risks. Learning outcomes: Upon completing this section, the student should be able to:
  • State the three key components of opportunity-based risk management
  • Describe the three benefits of taking opportunity-based risks
  • Define decision-making
  • Describe the three main problem categories for which organizations need to make decisions
  • Describe the two main categories for managerial decisions
  • Describe the three conditions under which managers make decisions
  • Describe the rational and cognitive approaches to decision-making
  • Describe the four stages of the rational decision-making process
  • Explain the relationship between risk and decision-making
  • Identify the direct linkages between the decision-making process and the stages in the risk management process
  • Recall some of the specific tools organizations can use to further enhance the effectiveness of their decisions
  • Explain the importance of establishing levels of accountability for decision-making
This section examines the principles involved in work organisation, including the relative benefits of simple, complex and matrix structures. The section also describes issues concerned with communication within organisations. Finally, this section examines different organisational approaches to developing risk management implementation plans. Learning outcomes: Upon completing this section, the student should be able to:
  • Define an organisational structure
  • Describe the key drivers of the organisational structure
  • Distinguish between simple, complex and matrix organisational structures
  • Define communication
  • Describe the three directions of communication of information as a result of integrated management systems
  • Describe the importance of ensuring information management systems are designed to share information across the organisation
  • Describe the communication benefits of the matrix organisational structure
  • Describe the formal and informal categories of the communication network
  • Describe the benefits of recording workplace information in relation to the risk management process
  • Recall some of the workplace information aspects organisations should record
  • Discuss the effect of organisational structure on the implementation of a risk management implementation plan
  • Describe how communication channels facilitate effective risk management.
This section describes the importance of management reporting with respect to the upward communication of information, including the purpose and benefits of reporting from a business and legal perspective. This section also addresses the what, why, when and how of reporting on risk management strategies. Learning outcomes: Upon completing this section, the student should be able to:
  • Define a report
  • Describe the importance of reporting in the management process
  • Describe the main functions of management reports
  • Describe the manager’s dual analytical roles in relation to the management report
  • State the four characteristics of useful information
  • Describe the role of the manager in analyzing a management report
  • Describe the importance of a risk reporting framework
  • Recall a few potential sources of risk reporting.
This section examines the process involved in identifying and monitoring stakeholders and key stakeholders relationships. The section also provides guidelines for establishing service structures for stakeholder relationship, with a view to achieving organisational goals. Learning outcomes: Upon completing this section, the student should be able to:
  • Define a stakeholder
  • Describe the importance of stakeholder management
  • Describe stakeholder engagement
  • Recall the benefits of effective stakeholder management
  • Recall the three types of stakeholder groups
  • State the purposes of a stakeholder analysis
  • Describe stakeholder groupings based on a stakeholder’s information
  • contribution and resistance to change
  • Describe the importance of stakeholder map.

MODULE 3

Operational Risk Management

This module is designed to assist an operational manager in managing the organization’s operational risks. It also considers how the organisation must integrate the practice of the management of operational risk with governance requirements, and the responsibility & accountability for the cost of operational risk.

Operational Risk Management is divided into six sections:

This section provides a clear understanding of the concept of risk and development of skills in risk management, an essential for line and operational managers to ensure their operational areas contribute to creating the organisation’s vision of the future. Learning outcomes: Upon completing this section, the student should be able to:
  • Define operational management
  • Recall some examples of operational activities
  • State the main responsibility of the operational manager
  • List some common ways in which organisations structure their operational units
  • Describe the negative consequences of silo-oriented organizational cultures
  • Describe the factors operational managers need to identify and understand to be able to apply risk management within a wide range of organisations
  • Describe the most common organizational types
  • Describe the common organizational attributes
  • Describe the three major components of all organisations
  • Distinguish between inputs and outputs
  • Recall some of the categories for grouping organizational outputs
  • Define an organisation in the context of the business process between inputs and outputs
  • Recall some examples of opportunities of which organisations can take advantage in a changing market
  • Define strategic planning
  • Recall some of the areas in which strategic plans involve decisions
  • Distinguish between strategic and operational plans
  • Describe the key components of managing operational risk
  • Distinguish between past and present approaches to managing operational risks
  • Recall some typical sources of operational risk
  • Describe some of the consequences of losses resulting from operational risks
  • Describe the impact of seasonal variations on losses resulting from operational risks
  • Describe the two critical background issues associated with operational risk management.
This section outlines the steps, techniques and tools that can assist in establishing the context of operational risk exposures. Learning outcomes: Upon completing this section, the student should be able to:
  • Describe the purpose of establishing the context of operational risk
  • Identify some examples of the fundamental aspects of the operational risk context.
  • Describe the elements of an operation’s internal and external environment.
  • Explain the significance and role of internal and external stakeholders in establishing the operational risk context.
  • Define stakeholder pre-loss and post-loss objectives.
  • Describe the importance of a helicopter view of risk.
  • Describe various techniques for stakeholder consultation
  • Describe various techniques for stakeholder consultation.
  • Describe the ways in which stakeholders add value to the operational risk management process.
  • Recall the four types of operational risk.
  • Outline the importance of creating criteria for a hierarchy of risks.
  • Order the broader risk categories in the hierarchy of risks.
  • Recall some of the fundamental legislative Acts and regulations with which your operation is required to comply.
This section examines critical issues of which operational managers need to be aware as they undertake risk identification, a fundamental element in the operational risk management process. The section also explores the need to describe, or express and communicate a risk, through statements highlighting the benefits of risk management for an operation. Finally, this section analyses the application of a risk matrix. Learning outcomes: Upon completing this section, the student should be able to:
  • Recall some of the consequences of an operation failing to adequately identify its risk exposures.
  • Recall some of the open questions organisations can ask to begin the risk identification process.
  • Recall some of the stakeholders who could contribute to operational risk identification.
  • Describe some of the issues operational managers need to consider that may affect successful risk identification in their operations.
  • Identify some of the consequences of operational areas failing to communicate.
  • Recall key elements of a risk statement.
  • Describe the components of a well-written risk statement.
  • Recall the formula for a consistent risk statement.
  • Summarise the advantages of expressing risks in a simple narrative format.
  • Recall the key risk components a risk statement.
  • Define a risk matrix.
  • Identify inputs of the operation exposed to risk.
  • Identify generic sources of operational risk, which organisations can use to construct a typical risk matrix.
  • Recall some of the questions managers can ask to complete their identification of operational risks.
  • Identify independent risk identification techniques organisations can apply in the process of identifying risks in an operation.
  • Recall some of the typical techniques that designated risk managers or professionals can use to engage others in the risk identification process.
This section considers the techniques by which the operational manager can find a practical balance between the many risks and few resources inherent in the risk management process. Learning outcomes: Upon completing this section, the student should be able to:
  • Define operational risk analysis.
  • Describe the process of analysing identified risks against goals and objectives.
  • Recall some of the outcomes of a critical risk analysis.
  • Describe the purpose of measuring levels of impact.
  • Define the components which determine the level of risk.
  • Identify sources of information about how often a particular risk is likely to occur and the potential consequences if the risk does occur.
  • Recall the most frequently used types of analysis.
  • Describe some of the factors which can influence the organisation’s selection of a particular analysis method.
  • Define qualitative risk analysis methods.
  • Define semi-quantitative risk analysis methods.
  • Define quantitative methods of analysis.
  • Describe what is involved when beginning the operational risk treatment process.
  • Describe the major objective of the risk treatment process.
  • Outline the importance of a board-level defined risk appetite and tolerance in operational decision making.
  • Recall some of the abilities associated with selecting and implementing operational risk treatments.
  • Recall some of the factors on which selecting the most suitable risk treatment options depend.
  • Describe some of the categories organisations can use to classify identified risk treatments.
  • Outline what the operational manager need to do if the organisation requires new risk treatments.
  • Recall some examples of resources organisations can draw upon in the risk treatment phase.
  • Recall some of the elements a typical risk treatment plan may include.
  • Recall some of the aspects of the operation’s normal management plans and processes that organisations must integrate into their risk treatment action plans
  • List some of the elements that a typical one-page risk treatment action plan contains.
This section provides an overview of evaluation techniques for identifying the cost of high and low-level risks and losses. Learning outcomes: Upon completing this section, the student should be able to:
  • Describe the broader definition of operational risk management.
  • Describe the critical elements or concepts in the evaluation process.
  • Describe the importance of evaluating high level risks.
  • Recall key steps of the risk review session.
  • Recall typical examples of acceptable sustainable losses.
  • Recall some of the factors that could cause a sudden shift in the level of a risk considered low.
  • Identify scenarios for which organisations may need to re-evaluate the appropriateness of treatments for low risks.
This section tackles the final operational management step within the risk management process -implementing systems, processes and procedures to control and monitor operational risks. Learning outcomes: Upon completing this section, the student should be able to:
  • Explain the different characteristics of known (type 1) and unknown (type 2) risks
  • Identify some ‘checks and balances’ an operation can adopt to integrate type 1 risk control and monitoring into its activities.
  • Distinguish between risk treatment assurance measures for type 1 and type 2 risk treatments.
  • Describe the elements of a treatment implementation plan.
  • Distinguish between measures of activity and measures of outcomes.
  • Describe the purpose of using KPIs in operational environments.
  • Describe characteristics of KPIs appropriate to use in an operational setting.
  • Recall some of the factors which form an important part in monitoring how well a risk treatment implementation program contributes to risk mitigation.
  • Describe key information incident reports should capture.
  • Recall some auditing tools organisations can use in addition to mini-reviews and general auditing.
  • Describe the purpose of implanting the operational risk treatment plan in conjunction with other operational units.
  • Locate resources to assist in integrating risk management into the operational framework.
  • Describe the criticality of employee acceptance of the operational risk management process.
  • Describe the different approaches in implementing risk treatment plans required for each risk type
  • Identify the key elements of the process for implementing and monitoring risk treatment actions and activities
  • Undertake the steps required to carry out the process for implementing and monitoring risk treatment actions and activities
  • Describe a structure or framework for integrating a risk treatment implementation and monitoring program into different operational environments
  • Describe and apply a systematic process for effectively integrating the management of risk into operational systems, culture and management.

MODULE 4

Risk Treatment & Financing Practices

This module is designed to examine risk treatment & financing issues, such as selection of risk treatments, preparing risk treatment & financing plans, implementing plans and monitoring & reviewing the risk treatment & financing process. It will also help you develop an understanding of risk treatment and financing processes.

Risk Treatment and Financing Practices is divided into six sections:

This section looks at the meaning of risk treatment and risk financing and briefly describes various types of risk treatment and financing. The section outlines how risk treatment and risk financing fit within the risk management process. The section also examines the importance of risk treatment and financing and the consequences of not applying appropriate treatment and financing strategies. Learning outcomes: Upon completing this section, the student should be able to:
  • Identify the roles of risk treatment and risk financing in an organisation and determine how they fit into the risk management process
  • Describe risk financing options such as insurance, funded and unfunded loss reserves, a line of credit, captive insurers and mutual pools
  • Explain the importance of risk treatment and financing, and the consequences of not applying these strategies.
This section tackles the processes that underpin risk treatment and risk financing. The process involves identifying, assessing and selecting appropriate risk treatment and financing options. The section also looks at preparing a risk treatment and financing plan and how such plans are implemented, monitored and reviewed. Learning outcomes: Upon completing this section, the student should be able to:
  • Describe the risk treatment and financing process
  • Identify risk treatment and financing options
  • Assess and select risk treatment and financing options
  • Prepare a risk treatment and financing plan
  • Describe how to implement, monitor and review a risk treatment and financing plan.
This section discusses utilizing the various techniques for identifying and designing risk treatments. It explains the principles of risk allocation and how they apply to the main categories of risk treatment. The section also examines how cost-benefit analysis is used to select appropriate risk treatments. Learning outcomes: Upon completing this section, the student should be able to:
  • Describe how to utilize various techniques for identifying and designing risk treatments
  • Explain the principles of risk allocation and how they apply to the main categories of risk treatment
  • Utilize cost–benefit analysis in selecting appropriate risk treatments.
This section examines how financial risk retention levels are established and set, and the internal and external considerations associated with setting these levels. The section outlines the key issues for consideration when establishing traditional risk financing programs, such as risk retention and risk sharing issues. Finally, the section looks at advanced risk financing strategies such as integrated covers and programs, dual trigger policies, captive insurers, finite/blended risk policies, contingency capital, weather derivatives, insurance linked securities. Learning outcomes: Upon completing this section, the student should be able to:
  • Explain how financial risk retention levels are established
  • Assess the internal and external considerations for an organisation planning its risk retention strategies
  • Explain the traditional and advanced risk financing methods
  • Assess options for risk treatment and risk financing strategies
  • Utilize relevant information in determining appropriate risk financing strategies.
This section discusses the general principles for preparing risk treatment and financing plans. It examines options for preparing plans, communication strategies for treatment plans, implementation of plans and integration into existing organisational policies procedures and frameworks. Learning outcomes: Upon completing this section, the student should be able to:
  • Apply general principles for preparing risk treatment and financing plans
  • Prepare risk treatment and risk financing plans
  • Identify risk communication issues in a risk treatment plan
  • Determine effective implementation strategies for executing risk treatment and financing plans.
This section focuses on the monitoring and review of risk treatment and risk financing to ensure that risk exposures are effectively managed. The section looks at establishing a monitoring and review regime within an organisation and the organisational performance criteria for monitoring and review of risk treatment and financing. Learning outcomes: Upon completing this section, the student should be able to:
  • Monitor and review risk treatment and financing plans
  • Utilize appropriate recording methods to ensure that risk treatment and financing plans and processes are conducted and maintained.

MODULE 5

Risk Management Framework & Documentation

This module covers the advanced application of risk management principles and practices. The objective of this module is to provide the knowledge and skills to plan and implement an enterprise-wide risk management framework within an organisation and to identify, develop and maintain adequate supporting documentation.

Risk Management Framework and Documentation is divided into four sections:

This section provides an overview of the reasons a risk management framework may be introduced into an organisation, the benefits it will derive from doing so and the linkages to some of the core organisational functions (compliance, corporate governance etc.). The module also introduces the key elements that comprise a risk management framework, the documentation that underpins the successful implementation and the manner in which the framework should be implemented. Learning outcomes: Upon completing this section, the student should be able to:
  • Understand the links between risk management and allied activities such as: compliance, internal audit, assurance and corporate governance
  • Describe the principles and benefits of risk management
  • Describe the benefits of developing a risk management framework
  • Outline the differences between a number of the risk management frameworks detailed in risk management standards throughout the world
  • Understand the elements that go into developing a risk management framework.
Learning outcomes: Upon completing this section, the student should be able to:
  • Identify the key elements of a risk management framework
  • Describe the important requirements for implementing a risk management framework
  • Analyse the effectiveness of an existing risk management framework.
This section provides greater detail in relation to the elements of a risk management framework introduced in section one. The points discussed in this section are:
  • Ensuring the support of senior management from the outset
  • Integrating risk management into strategic and business planning
  • Reviewing the current risk management systems (if any exist)
  • Determining how risk exposures will be managed at each level of the organisation
  • Communicating risk matters with relevant stakeholders
  • Establishing responsibilities, accountability and authority
  • Customizing the risk management process for the organisation
  • Providing training to staff
  • Resourcing risk management within the organisation
  • Establishing how the will be monitored and reviewed (including post-event analysis)
  • Establishing how risk management will be reported within the organisation.
Learning outcomes: Upon completing this section, the student should be able to:
  • Describe the contents of an effective risk management policy
  • Describe the contents of an effective risk management manual/plan
  • Identify the content requirements of an effective risk register within an organisation
  • Identify the format for risk treatment plans
  • Identify the types of monitoring, reviewing and auditing documents
  • Describe the format and information found within an incident database.
Learning outcomes: Upon completing this section, the student should be able to:
  • Describe the different phases in the implementation of the risk management framework
  • Identify the information requirements for an implementation plan
  • Describe the communications requirement for the implementation plan
  • Identify the potential barriers to the successful implementation of the framework
  • Apply some of the methodologies that can be employed to overcome resistance to change.

MODULE 1

Introduction to Risk Management

This module tackles the theory, concepts and processes of risk management. It covers the broad areas and provides a good foundation for each of the general aspects of risk management. It also outlines the risk management policy and framework and gives an in-depth breakdown of the five phases of the risk management process.

Part 1: The Theory and Practice of Risk Management

Outlines the risk management policy and framework, which form the foundations of the risk management process.

Learning outcomes:
Upon completing this section, the student should be able to:

  • Define a risk management framework
  • Describe the contents of a risk management framework
  • Recall some of the required steps in the successful implementation of risk management
  • Recall the five major steps of the risk management process

Provides an introduction and overview to the theory of risk management and begins to identify how the theory is applied in a practical context. This section also describes the evolution of risk and risk management, as well as the current state of risk management as a discipline.

Learning outcomes:
Upon completing this section, the student should be able to:

  • Define risk and risk management
  • describe the principle of risk and risk management
  • Describe related risk management standards

Part 2: The Risk Management Process

Provides an introduction and overview to the theory of risk management and begins to identify how the theory is applied in a practical context. This section also describes the evolution of risk and risk management, as well as the current state of risk management as a discipline.

Learning outcomes:
Upon completing this section, the student should be able to:

  • Describe the benefits of effective risk management communication
  • Recall examples of internal and external stakeholders
  • Distinguish between internal and external stakeholder risk management tasks.

This section provides you with an overview of establishing the context, the second step in the risk management process. This step involves defining the strategic, organizational and risk management contexts of an organization.

Learning outcomes:
Upon completing this section, the student should be able to:

  • Describe what it means for an organization to establish a risk management context
  • Define the key elements of the risk management context
  • Describe the benefits of establishing the risk management context
  • Define and provide examples of external and internal context factors

This section describes risk assessment, the next phase in the risk management process and focuses on the first step – identify risks.

Learning outcomes:
Upon completing this section, the student should be able to:

  • Define risk assessment
  • Describe the purpose and benefits of risk assessment
  • Recall the three steps of risk assessment
  • Define risk identification
  • Define a risk exposure
  • Describe the four characteristics of risk exposures
  • Describe the risk identification techniques you can use to obtain the following information:
    – historical data
    – theoretical analysis
    – informed and expert opinions/stakeholder needs
  • Describe the risk register

This section describes risk analysis, which is the next step in the risk management process.

Learning outcomes:
Upon completing this section, the student should be able to:

  • Define risk assessment
  • Describe the purpose and benefits of risk assessment
  • Recall the three steps of risk assessment
  • Define risk identification
  • Define a risk exposure
  • Describe the four characteristics of risk exposures
  • Describe the risk identification techniques you can use to obtain the following information:
    – historical data
    – theoretical analysis
    – informed and expert opinions/stakeholder needs
  • Describe the risk register

This section describes risk evaluation – the final step in the risk assessment sub-process.

Learning outcomes:
Upon completing this section, the student should be able to:

  • Define risk evaluation
  • Describe the purpose of risk evaluation
  • Describe the benefits of risk hierarchies
  • Describe the relationship between risk exposure evaluation and an organisation’s risk appetite
  • Describe the importance of having comprehensive information in calculating the likelihood and consequence of a risk exposure
  • Recall some of the practical considerations affecting the ranking of relative sizes of risks.

This section describes risk evaluation – the final step in the risk assessment sub-process.

Learning outcomes:
Upon completing this section, the student should be able to:

  • Define risk treatment
  • Recall approaches an organization can take if a risk is at an unacceptable level
  • Describe the cost trade-offs of treating risk exposures
  • Describe the following two types of risk sharing:
    – Risk control
    – Risk financing
  • Recall examples of risk treatment activities
  • Describe the two phases of establishing and implementing a risk management treatment process
  • Describe the objectives of risk treatments/controls
  • Evaluate the effectiveness of existing risk treatments/controls

This section provides an overview of the monitoring and review process.

Learning outcomes:
Upon completing this section, the student should be able to:

  • Define risk treatment
  • Recall approaches an organization can take if a risk is at an unacceptable level
  • Describe the cost trade-offs of treating risk exposures
  • Describe the following two types of risk sharing:
    – Risk control
    – Risk financing
  • Recall examples of risk treatment activities
  • Describe the two phases of establishing and implementing a risk management treatment process
  • Describe the objectives of risk treatments/controls
  • Evaluate the effectiveness of existing risk treatments/controls
 

MODULE 2

Integrated Risk
Management

This module aims to develop students’ knowledge and skills in integrating Risk Management across the whole organisation. More specifically, this module explores the link between developing an effective organisational framework for the management of risk and on organisation’s strategic planning, aims and management.

Integrated Risk Management is divided into eight sections:

This section highlights the need for integrated management and explores its relationship with risk management.

Learning outcomes:
Upon completing this section, the student should be able to:

  • Recall some ways modern organizations can compete more effectively in the marketplace
  • Describe the disadvantages of a silo-based approach to risk management
  • Define integrated risk management
  • State some of the drivers behind organizations beginning to integrate the management of risk
  • Describe the benefits of integrated risk management
  • Describe the aim of integration
  • Describe the role of good corporate governance
  • Identify the relationship between corporate governance and effective management
  • Recall some of the Australian Securities Exchange’s (ASX’s) principles of good corporate governance
  • Define the purpose of the corporate governance framework
  • Categorize organizational activities according to the three levels of formalization in risk management
  • Distinguish between formal and informal risk management

This section discusses the importance of leaders and managers tasked with championing integrated risk management across the management system.

Learning outcomes:
Upon completing this section, the student should be able to:

  • Distinguish between traditional and modern management models
  • State the traditional and revised definitions of effective management
  • Distinguish between the role of operational and strategic management
  • State the primary role of management
  • Describe systems theory and contingency theory
  • Recall the formula for organizational survival
  • Distinguish between leadership and management
  • Describe the purpose and responsibilities of a frontline or line manager

This section describes the importance of strategic management in helping to steer the organization along a path of growth and success. The section explains 1) the importance of strategic planning in achieving effective management, 2) the role of risk management at the strategic level, 3) how to integrate risk management within the strategic planning and management process and 4) the development of a robust risk management framework.

Learning outcomes:
Upon completing this section, the student should be able to:

  • Outline the management process
  • Recall the four functional components of the management process, including their purpose
  • Order the five key stages in the planning process
  • Describe the five functional elements of organizing
    Identify additional factors which influence leadership in the management process
  • Define a risk management implementation plan
  • Describe how organizations can map the implementation of the risk management implementation plan against the four functional components of the management process.

This section explores the practical applications of management principles, philosophies and processes. It also describes the application of the management process in the management of risk. Finally, this section describes the application of the management process in the management of risk, including establishing 1) a risk management plan, 2) a risk management implementation plan, and 3) an integrated risk management framework.

Learning outcomes:
Upon completing this section, the student should be able to:

  • Outline the management process
  • Recall the four functional components of the management process, including their purpose
  • Order the five key stages in the planning process
  • Describe the five functional elements of organizing
  • Identify additional factors which influence leadership in the management process
  • Define a risk management implementation plan
  • Describe how organizations can map the implementation of the risk management implementation plan against the four functional components of the management process.
 

This section explores the importance of decision-making and describes the principles underpinning each decision type. It also explores the role of decision-making as a key component in the risk management process. Finally, this section describes how senior management determines the level of the organization which should make decisions about the management of particular risks.

Learning outcomes:
Upon completing this section, the student should be able to:

  • State the three key components of opportunity-based risk management
  • Describe the three benefits of taking opportunity-based risks
  • Define decision-making
  • Describe the three main problem categories for which organizations need to make decisions
  • Describe the two main categories for managerial decisions
  • Describe the three conditions under which managers make decisions
  • Describe the rational and cognitive approaches to decision-making
  • Describe the four stages of the rational decision-making process
  • Explain the relationship between risk and decision-making
  • Identify the direct linkages between the decision-making process and the stages in the risk management process
  • Recall some of the specific tools organizations can use to further enhance the effectiveness of their decisions
  • Explain the importance of establishing levels of accountability for decision-making

This section examines the principles involved in work organisation, including the relative benefits of simple, complex and matrix structures. The section also describes issues concerned with communication within organisations. Finally, this section examines different organisational approaches to developing risk management implementation plans.

Learning outcomes:
Upon completing this section, the student should be able to:

  • Define an organisational structure
  • Describe the key drivers of the organisational structure
  • Distinguish between simple, complex and matrix organisational structures
  • Define communication
  • Describe the three directions of communication of information as a result of integrated management systems
  • Describe the importance of ensuring information management systems are designed to share information across the organisation
  • Describe the communication benefits of the matrix organisational structure
  • Describe the formal and informal categories of the communication network
  • Describe the benefits of recording workplace information in relation to the risk management process
  • Recall some of the workplace information aspects organisations should record
  • Discuss the effect of organisational structure on the implementation of a risk management implementation plan
  • Describe how communication channels facilitate effective risk management.

This section describes the importance of management reporting with respect to the upward communication of information, including the purpose and benefits of reporting from a business and legal perspective. This section also addresses the what, why, when and how of reporting on risk management strategies.

Learning outcomes:
Upon completing this section, the student should be able to:

  • Define a report
  • Describe the importance of reporting in the management process
  • Describe the main functions of management reports
  • Describe the manager’s dual analytical roles in relation to the management report
  • State the four characteristics of useful information
  • Describe the role of the manager in analyzing a management report
  • Describe the importance of a risk reporting framework
  • Recall a few potential sources of risk reporting.

This section examines the process involved in identifying and monitoring stakeholders and key stakeholders relationships. The section also provides guidelines for establishing service structures for stakeholder relationship, with a view to achieving organisational goals.

Learning outcomes:
Upon completing this section, the student should be able to:

  • Define a stakeholder
  • Describe the importance of stakeholder management
  • Describe stakeholder engagement
  • Recall the benefits of effective stakeholder management
  • Recall the three types of stakeholder groups
  • State the purposes of a stakeholder analysis
  • Describe stakeholder groupings based on a stakeholder’s information
  • contribution and resistance to change
  • Describe the importance of stakeholder map.

MODULE 3

Operational Risk Management

This module is designed to assist an operational manager in managing the organization’s operational risks. It also considers how the organisation must integrate the practice of the management of operational risk with governance requirements, and the responsibility & accountability for the cost of operational risk.

Operational Risk Management is divided into six sections:

This section provides a clear understanding of the concept of risk and development of skills in risk management, an essential for line and operational managers to ensure their operational areas contribute to creating the organisation’s vision of the future.

Learning outcomes:
Upon completing this section, the student should be able to:

  • Define operational management
  • Recall some examples of operational activities
  • State the main responsibility of the operational manager
  • List some common ways in which organisations structure their operational units
  • Describe the negative consequences of silo-oriented organizational cultures
  • Describe the factors operational managers need to identify and understand to be able to apply risk management within a wide range of organisations
  • Describe the most common organizational types
  • Describe the common organizational attributes
  • Describe the three major components of all organisations
  • Distinguish between inputs and outputs
  • Recall some of the categories for grouping organizational outputs
  • Define an organisation in the context of the business process between inputs and outputs
  • Recall some examples of opportunities of which organisations can take advantage in a changing market
  • Define strategic planning
  • Recall some of the areas in which strategic plans involve decisions
  • Distinguish between strategic and operational plans
  • Describe the key components of managing operational risk
  • Distinguish between past and present approaches to managing operational risks
  • Recall some typical sources of operational risk
  • Describe some of the consequences of losses resulting from operational risks
  • Describe the impact of seasonal variations on losses resulting from operational risks
  • Describe the two critical background issues associated with operational risk management.

This section outlines the steps, techniques and tools that can assist in establishing the context of operational risk exposures.

Learning outcomes:
Upon completing this section, the student should be able to:

  • Describe the purpose of establishing the context of operational risk
  • Identify some examples of the fundamental aspects of the operational risk context.
  • Describe the elements of an operation’s internal and external environment.
  • Explain the significance and role of internal and external stakeholders in establishing the operational risk context.
  • Define stakeholder pre-loss and post-loss objectives.
  • Describe the importance of a helicopter view of risk.
  • Describe various techniques for stakeholder consultation
  • Describe various techniques for stakeholder consultation.
  • Describe the ways in which stakeholders add value to the operational risk management process.
  • Recall the four types of operational risk.
  • Outline the importance of creating criteria for a hierarchy of risks.
  • Order the broader risk categories in the hierarchy of risks.
  • Recall some of the fundamental legislative Acts and regulations with which your operation is required to comply.

This section examines critical issues of which operational managers need to be aware as they undertake risk identification, a fundamental element in the operational risk management process.

The section also explores the need to describe, or express and communicate a risk, through statements highlighting the benefits of risk management for an operation.

Finally, this section analyses the application of a risk matrix.

Learning outcomes:
Upon completing this section, the student should be able to:

  • Recall some of the consequences of an operation failing to adequately identify its risk exposures.
  • Recall some of the open questions organisations can ask to begin the risk identification process.
  • Recall some of the stakeholders who could contribute to operational risk identification.
  • Describe some of the issues operational managers need to consider that may affect successful risk identification in their operations.
  • Identify some of the consequences of operational areas failing to communicate.
  • Recall key elements of a risk statement.
  • Describe the components of a well-written risk statement.
  • Recall the formula for a consistent risk statement.
  • Summarise the advantages of expressing risks in a simple narrative format.
  • Recall the key risk components a risk statement.
  • Define a risk matrix.
  • Identify inputs of the operation exposed to risk.
  • Identify generic sources of operational risk, which organisations can use to construct a typical risk matrix.
  • Recall some of the questions managers can ask to complete their identification of operational risks.
  • Identify independent risk identification techniques organisations can apply in the process of identifying risks in an operation.
  • Recall some of the typical techniques that designated risk managers or professionals can use to engage others in the risk identification process.

This section considers the techniques by which the operational manager can find a practical balance between the many risks and few resources inherent in the risk management process.

Learning outcomes:
Upon completing this section, the student should be able to:

  • Define operational risk analysis.
  • Describe the process of analysing identified risks against goals and objectives.
  • Recall some of the outcomes of a critical risk analysis.
  • Describe the purpose of measuring levels of impact.
  • Define the components which determine the level of risk.
  • Identify sources of information about how often a particular risk is likely to occur and the potential consequences if the risk does occur.
  • Recall the most frequently used types of analysis.
  • Describe some of the factors which can influence the organisation’s selection of a particular analysis method.
  • Define qualitative risk analysis methods.
  • Define semi-quantitative risk analysis methods.
  • Define quantitative methods of analysis.
  • Describe what is involved when beginning the operational risk treatment process.
  • Describe the major objective of the risk treatment process.
  • Outline the importance of a board-level defined risk appetite and tolerance in operational decision making.
  • Recall some of the abilities associated with selecting and implementing operational risk treatments.
  • Recall some of the factors on which selecting the most suitable risk treatment options depend.
  • Describe some of the categories organisations can use to classify identified risk treatments.
  • Outline what the operational manager need to do if the organisation requires new risk treatments.
  • Recall some examples of resources organisations can draw upon in the risk treatment phase.
  • Recall some of the elements a typical risk treatment plan may include.
  • Recall some of the aspects of the operation’s normal management plans and processes that organisations must integrate into their risk treatment action plans
  • List some of the elements that a typical one-page risk treatment action plan contains.

This section provides an overview of evaluation techniques for identifying the cost of high and low-level risks and losses.

Learning outcomes:
Upon completing this section, the student should be able to:

  • Describe the broader definition of operational risk management.
  • Describe the critical elements or concepts in the evaluation process.
  • Describe the importance of evaluating high level risks.
  • Recall key steps of the risk review session.
  • Recall typical examples of acceptable sustainable losses.
  • Recall some of the factors that could cause a sudden shift in the level of a risk considered low.
  • Identify scenarios for which organisations may need to re-evaluate the appropriateness of treatments for low risks.

This section tackles the final operational management step within the risk management process -implementing systems, processes and procedures to control and monitor operational risks.

Learning outcomes:
Upon completing this section, the student should be able to:

  • Explain the different characteristics of known (type 1) and unknown (type 2) risks
  • Identify some ‘checks and balances’ an operation can adopt to integrate type 1 risk control and monitoring into its activities.
  • Distinguish between risk treatment assurance measures for type 1 and type 2 risk treatments.
  • Describe the elements of a treatment implementation plan.
  • Distinguish between measures of activity and measures of outcomes.
  • Describe the purpose of using KPIs in operational environments.
  • Describe characteristics of KPIs appropriate to use in an operational setting.
  • Recall some of the factors which form an important part in monitoring how well a risk treatment implementation program contributes to risk mitigation.
  • Describe key information incident reports should capture.
  • Recall some auditing tools organisations can use in addition to mini-reviews and general auditing.
  • Describe the purpose of implanting the operational risk treatment plan in conjunction with other operational units.
  • Locate resources to assist in integrating risk management into the operational framework.
  • Describe the criticality of employee acceptance of the operational risk management process.
  • Describe the different approaches in implementing risk treatment plans required for each risk type
  • Identify the key elements of the process for implementing and monitoring risk treatment actions and activities
  • Undertake the steps required to carry out the process for implementing and monitoring risk treatment actions and activities
  • Describe a structure or framework for integrating a risk treatment implementation and monitoring program into different operational environments
  • Describe and apply a systematic process for effectively integrating the management of risk into operational systems, culture and management.

MODULE 4

Risk Treatment & Financing Practices

This module is designed to examine risk treatment & financing issues, such as selection of risk treatments, preparing risk treatment & financing plans, implementing plans and monitoring & reviewing the risk treatment & financing process. It will also help you develop an understanding of risk treatment and financing processes.

Risk Treatment and Financing Practices is divided into six sections:

This section looks at the meaning of risk treatment and risk financing and briefly describes various types of risk treatment and financing. The section outlines how risk treatment and risk financing fit within the risk management process. The section also examines the importance of risk treatment and financing and the consequences of not applying appropriate treatment and financing strategies.

Learning outcomes:
Upon completing this section, the student should be able to:

  • Identify the roles of risk treatment and risk financing in an organisation and determine how they fit into the risk management process
  • Describe risk financing options such as insurance, funded and unfunded loss reserves, a line of credit, captive insurers and mutual pools
  • Explain the importance of risk treatment and financing, and the consequences of not applying these strategies.

This section tackles the processes that underpin risk treatment and risk financing. The process involves identifying, assessing and selecting appropriate risk treatment and financing options. The section also looks at preparing a risk treatment and financing plan and how such plans are implemented, monitored and reviewed.

Learning outcomes:
Upon completing this section, the student should be able to:

  • Describe the risk treatment and financing process
  • Identify risk treatment and financing options
  • Assess and select risk treatment and financing options
  • Prepare a risk treatment and financing plan
  • Describe how to implement, monitor and review a risk treatment and financing plan.

This section discusses utilizing the various techniques for identifying and designing risk treatments. It explains the principles of risk allocation and how they apply to the main categories of risk treatment. The section also examines how cost-benefit analysis is used to select appropriate risk treatments.

Learning outcomes:
Upon completing this section, the student should be able to:

  • Describe how to utilize various techniques for identifying and designing risk treatments
  • Explain the principles of risk allocation and how they apply to the main categories of risk treatment
  • Utilize cost–benefit analysis in selecting appropriate risk treatments.

This section examines how financial risk retention levels are established and set, and the internal and external considerations associated with setting these levels. The section outlines the key issues for consideration when establishing traditional risk financing programs, such as risk retention and risk sharing issues. Finally, the section looks at advanced risk financing strategies such as integrated covers and programs, dual trigger policies, captive insurers, finite/blended risk policies, contingency capital, weather derivatives, insurance linked securities.

Learning outcomes:
Upon completing this section, the student should be able to:

  • Explain how financial risk retention levels are established
  • Assess the internal and external considerations for an organisation planning its risk retention strategies
  • Explain the traditional and advanced risk financing methods
  • Assess options for risk treatment and risk financing strategies
  • Utilize relevant information in determining appropriate risk financing strategies.

This section discusses the general principles for preparing risk treatment and financing plans. It examines options for preparing plans, communication strategies for treatment plans, implementation of plans and integration into existing organisational policies procedures and frameworks.

Learning outcomes:
Upon completing this section, the student should be able to:

  • Apply general principles for preparing risk treatment and financing plans
  • Prepare risk treatment and risk financing plans
  • Identify risk communication issues in a risk treatment plan
  • Determine effective implementation strategies for executing risk treatment and financing plans.

This section focuses on the monitoring and review of risk treatment and risk financing to ensure that risk exposures are effectively managed. The section looks at establishing a monitoring and review regime within an organisation and the organisational performance criteria for monitoring and review of risk treatment and financing.

Learning outcomes:
Upon completing this section, the student should be able to:

  • Monitor and review risk treatment and financing plans
  • Utilize appropriate recording methods to ensure that risk treatment and financing plans and processes are conducted and maintained.

MODULE 5

Risk Management Framework
& Documentation

This module covers the advanced application of risk management principles and practices. The objective of this module is to provide the knowledge and skills to plan and implement an enterprise-wide risk management framework within an organisation and to identify, develop and maintain adequate supporting documentation.

Risk Management Framework and Documentation is divided into four sections:

This section provides an overview of the reasons a risk management framework may be introduced into an organisation, the benefits it will derive from doing so and the linkages to some of the core organisational functions (compliance, corporate governance etc.).

The module also introduces the key elements that comprise a risk management framework, the documentation that underpins the successful implementation and the manner in which the framework should be implemented.

Learning outcomes:
Upon completing this section, the student should be able to:

  • Understand the links between risk management and allied activities such as: compliance, internal audit, assurance and corporate governance
  • Describe the principles and benefits of risk management
  • Describe the benefits of developing a risk management framework
  • Outline the differences between a number of the risk management frameworks detailed in risk management standards throughout the world
  • Understand the elements that go into developing a risk management framework.

Learning outcomes: Upon completing this section, the student should be able to:

  • Identify the key elements of a risk management framework
  • Describe the important requirements for implementing a risk management framework
  • Analyse the effectiveness of an existing risk management framework.

This section provides greater detail in relation to the elements of a risk management framework introduced in section one. The points discussed in this section are:

  • Ensuring the support of senior management from the outset
  • Integrating risk management into strategic and business planning
  • Reviewing the current risk management systems (if any exist)
  • Determining how risk exposures will be managed at each level of the organisation
  • Communicating risk matters with relevant stakeholders
  • Establishing responsibilities, accountability and authority
  • Customizing the risk management process for the organisation
  • Providing training to staff
  • Resourcing risk management within the organisation
  • Establishing how the will be monitored and reviewed (including post-event analysis)
  • Establishing how risk management will be reported within the organisation.
     

Learning outcomes:
Upon completing this section, the student should be able to:

  • Describe the contents of an effective risk management policy
  • Describe the contents of an effective risk management manual/plan
  • Identify the content requirements of an effective risk register within an organisation
  • Identify the format for risk treatment plans
  • Identify the types of monitoring, reviewing and auditing documents
  • Describe the format and information found within an incident database.

Learning outcomes:
Upon completing this section, the student should be able to:

  • Describe the different phases in the implementation of the risk management framework
  • Identify the information requirements for an implementation plan
  • Describe the communications requirement for the implementation plan
  • Identify the potential barriers to the successful implementation of the framework
  • Apply some of the methodologies that can be employed to overcome resistance to change.

Apply for the PA-CRP today and be a Certified Risk Professional!