Managing Critical Controls - From 'Ticking the Box' to Effective Risk Management

An RMIA Virtual Course in partnership with Noetic Group

Are you tired of risk management that doesn’t add value?

Risk management is critical to effectively managing your organisation but takes time and commitment to get it right. We’ve all seen risk management practices that create a significant amount of documentation that doesn’t help decision-making. 

A lengthy and complex risk register can even give the false impression that risks are being managed effectively, when that is not always the case.

Are you worried that you don’t know the true effectiveness of you organisation’s controls? 

There can be a tendency for optimism bias when trying to assess the level of risk and the effectiveness of controls. It can be tempting to believe that a control is effective, despite having no evidence. Even as we have been dealing with COVID-19, we are still seeing examples of a ‘it won’t happen to me’ mentality.

Do you want to move away from lengthy risk plans and excel spreadsheets? 

You’re encouraged to come along to our course on the critical controls approach, which is fully aligned with the international ISO 31000 risk standard. 

This approach focuses on those risk controls considered critical to preventing unwanted risk events and mitigating their consequences if they do occur. These controls must be effective for the risk to be managed well and there must be evidence of their effectiveness. 
A traditional risk assessment might list 20 controls for a risk, but a closer inspection might show that 18 of those controls do very little to detect and prevent a risk event or mitigate its consequences.

Join us to explore an approach that helps ensure your leaders have the right risk information they need to make good decisions.

What the course will cover:

  • Challenges with Risk Management
  • The Critical Controls approach
  • Benefits of focusing on critical controls
  • Tools and techniques
  • Case studies
  • How this can be applied to different types of risks - Strategic, project and operational
  • Scenario discussions
  • Engaging with senior leaders on improving organisational decision making

Learning Objectives

  • Understand the critical control approach and how to apply it
  • Understand how to effectively use key tools, such as a risk bowtie
  • Understand how to apply the critical control approach to different types of risk
  • Learn techniques for engaging with senior leaders on improving risk management

Who should attend this course? 

  • Enterprise risk teams
  • Specialist risk teams
  • Everyone interested in managing risks more simply and effectively

Benefits of attending this course

  • It will help you describe risks to your senior executive, enabling them to focus their attention on what really matters
  • It will help you to reduce the number of unnecessary and unused risk documents and artifacts
  • It will help you be more successful by focussing your effort on ensuring that the critical risk controls are effective

Format of The Course

  • Pre-course
    • You will be sent some pre-course materials including a short video on the critical control approach and some factsheets one week prior to the first session. You will also be asked to fill out a short questionnaire about yourself, which will be shared with other participants. This will assist with networking in a virtual environment.
  • During the course
    • This course will be held via Zoom through two half-days (3.5 hours each). This will include use of the breakout room functions to simulate table group discussions.
  • After the course
    • You will be provided with additional templates and tools to assist you in applying the critical control approach.

About Noetic Group

Noetic is a professional services consulting firm with a head office in Canberra, and offices in Sydney and Washington DC. Noetic has provided risk management services to multiple clients over the years, including in federal and state government agencies in Australia as well as for oil, gas and mining sectors globally. For more information, visit their website.

This risk course will be facilitated by two of the following Directors or Consultants in the Noetic Group:

Mark Brogan, Brittany Corsini, Liana Dobson, Phil Forrest, Peter Murphy and Matthew Tuohy.

Brittany Corsini, Consultant: Brittany has had a strong involvement in the communication and implementation of the Critical Control Approach throughout her time at Noetic. She has demonstrated her ability to provide guidance and advice regarding effective risk management practices through her project work with various government clients. Brittany has specific experience working with organisations to assess the risks associated with service delivery and business continuity. Her focus is on identify what controls are critical to successfully managing risk and providing fit-for-purpose, implementable solutions to complex enterprise challenges.

Liana Dobson, Principal Consultant: Liana has a strong track record in delivering outcomes which are practical and sustainable. She has established a reputation for collaborative leadership, integrity and identifying new opportunities for business improvement. She seeks out complex problems and is known for high-level strategic thinking and delivering more than expected. Liana is flexible in her approach and can respond quickly to disruption by identifying appropriate levels of risk taking and managing program interdependencies. Liana works with senior executives to manage their difficult and sensitive challenges. Her focus is on complex governance reform and enterprise risk management.

Phil Forrest, Director: Phil is a Director based in Brisbane. Over the course of 15+ years consulting, he has developed an excellent understanding of risk and the critical control methodology and how critical controls link to strategic and enterprise risks and to business continuity. Phil has integrated the critical controls methodology into projects for a range of Commonwealth, State and Territory departments and agencies for project work, incident response and emergency management. Phil recently co-authored a client discussion paper on the adopting the critical control approach to managing operational risks. The paper outlines the limitations of quantitative and qualitative risk management methodologies and described how managing risks by focusing on implementing and managing the critical controls can significantly improve an organisation’s ability to manage risk.

Matthew Tuohy, Senior Consultant: Matt has worked extensively with businesses to understand their risks and how they manage them. His background in the mining industry provides a strong understanding of business operate in high risk industries and with variable market conditions. In his time at Noetic, Matt has worked with companies, regulators and public sector agencies to clarify their risk management arrangement. He is effective at helping clients to develop systems that provide clear focus on how well risk is managed, to manage the change required to implement these systems and to build capability of senior leaders to sustain them.

Pricing (GST Inclusive)

RMIA Members: $1,287.00 Incl.GST

Non-Members: $1,430.00 Incl.GST

Group Bookings: For Group Bookings, please contact us via email on events@rmia.org.au or by phone on 02 9095 2500.

Noetic Group Contact: If you have any questions, please email risktraining@noeticgroup.com

Find the next MCC Event and REGISTER NOW!

Testimonials

"The Managing Critical Controls course was an enjoyable and concise course which provided the fundamentals for identifying and understanding critical controls, as well as providing guidance on how to structure assurance activities. Dannya and Liana were very knowledgeable presenters, who executed the material as well as being very accommodating to ensure they answered all questions.”

– Attendee from the Resources Sector