Three Key Risk Assessments in Your ERM Program: ERM, IT and Internal Controls

The presenter will first conduct a basic review of what is ERM, the three key phases of ERM, and how Risk Assessments fit in. Then the presenter will explain how the Risk Assessment Process works and will specifically focus on three key Risk Assessments you must have as critical components of your ERM Program: the Enterprise Risk Management Risk Assessment, Information Technology Risk Assessment, and the Internal Controls Risk Assessment. You will walk away with practical tools and examples you can implement in your organization immediately.

This webinar is for participants who have a basic foundational knowledge of Enterprise Risk Management and are looking for specific examples on how to complete these three important Risk Assessments. The presenter will focus on how COVID-19 impacted each risk category--including a new COVID-19 risk assessment, the consequences, and mitigating and monitoring tools banks can use to mitigate the effects of the Pandemic now and going forward.

Key Learning Objectives

  1. Quick overview of ERM key definitions and the three ongoing phases
  2. Learn about the Risk Assessment Process and key steps
  3. How to identify, assess, and prioritize your institution’s risks using the ERM Risk Assessment Matrix, and completing an IT, and Internal Control Risk Assessments

Covered Topics

Part I:

  • ERM quick overview and key definitions
  • Three Key Phases of ERM and how Risk Assessments fit in
  • The Risk Assessment Process
  • ERM Risk Assessment– Complete example
  • COVID-19 Risk Assessment 
Part II:

  • Information Technology Risk Assessment
    • Definitions o Areas Assessed
    • Categories Included
  • IT Risk Assessment – Complete example
  • How COVID-19 affected IT Security and Cyber Risk
Part III:

  • Internal Controls Risk Assessment
    • Definitions
    • Areas Assessed
    • Categories Included
  • Internal Controls Risk Assessment – Complete example
  • How COVID-19 affected Internal Controls, Processes, and Procedures

Who Should Attend?

This informative session is designed for Risk Managers and Risk Leaders, Chief Risk Officers, Compliance Officers, Chief Operating Officer, Chief Credit Officer, Internal Auditors, and the entire risk management team.