Managing Critical Controls - From 'Ticking the Box' to Effective Risk Management

An RMIA Virtual Course in partnership with Noetic Group


Are you tired of risk management that doesn’t add value?

Risk management is critical to effectively managing your organisation but takes time and commitment to get it right. We’ve all seen risk management practices that create a significant amount of documentation that doesn’t help decision-making. 

A lengthy and complex risk register can even give the false impression that risks are being managed effectively, when that is not always 
the case.

Are you worried that you don’t know the true effectiveness of you organisation’s controls? 

There can be a tendency for optimism bias when trying to assess the level of risk and the effectiveness of controls. It can be tempting to believe that a control is effective, despite having no evidence. Even as we have been dealing with COVID-19, we are still seeing examples of a ‘it won’t happen to me’ mentality.

Do you want to move away from lengthy risk plans and excel spreadsheets? 

You’re encouraged to come along to our course on the critical controls approach, which is fully aligned with the international ISO 31000 risk standard. 

This approach focuses on those risk controls considered critical to preventing unwanted risk events and mitigating their consequences if they do occur. These controls must be effective for the risk to be managed well and there must be evidence of their effectiveness. 
A traditional risk assessment might list 20 controls for a risk, but a closer inspection might show that 18 of those controls do very little to detect and prevent a risk event or mitigate its consequences.

Join us to explore an approach that helps ensure your leaders have the right risk information they need to make good decisions.

What the course will cover:

  • Challenges with Risk Management
  • The Critical Controls approach
  • Benefits of focusing on critical controls
  • Tools and techniques
  • Case studies
  • How this can be applied to different types of risks - Strategic, project and operational
  • Scenario discussions
  • Engaging with senior leaders on improving organisational decision making

Learning Objectives

  • Understand the critical control approach and how to apply it
  • Understand how to effectively use key tools, such as a risk bowtie
  • Understand how to apply the critical control approach to different types of risk
  • Learn techniques for engaging with senior leaders on improving risk management

Who should attend this course? 

  • Enterprise risk teams
  • Specialist risk teams
  • Everyone interested in managing risks more simply and effectively

Benefits of attending this course

  • It will help you describe risks to your senior executive, enabling them to focus their attention on what really matters
  • It will help you to reduce the number of unnecessary and unused risk documents and artifacts
  • It will help you be more successful by focussing your effort on ensuring that the critical risk controls are effective

Format of the course

  • Pre-course
    • You will be sent some pre-course materials including a short video on the critical control approach and some factsheets one week prior to the first session. You will also be asked to fill out a short questionnaire about yourself, which will be shared with other participants. This will assist with networking in a virtual environment.
  • During the course
    • This course will be held via Zoom through two half-days (3.5 hours each). This will include use of the breakout room functions to simulate table group discussions.
  • After the course
    • You will be provided with additional templates and tools to assist you in applying the critical control approach.

About Noetic Group:

Noetic is a professional services consulting firm with a head office in Canberra, and offices in Sydney and Washington DC. Noetic has provided risk management services to multiple clients over the years, including in federal and state government agencies in Australia as well as for oil, gas and mining sectors globally. For more information, visit their website.

This risk course will be facilitated by two of the following Directors in Noetic:

Dannya Hu, Liana Dobson, Brittany Corsini, Matthew Tuohy and Phil Forrest.

Dannya Hu: Dannya has a strong background in both consulting and the Australian Public Service. She is passionate about helping clients improve their enterprise risk management and enterprise governance, having done so through executive level roles in both the Department of Defence and Department of Immigration and Border Protection (now Home Affairs). As a Director in Noetic, Dannya is responsible for leading complex and challenging projects to ensure that client expectations are met and that the intended outcome is achieved. Dannya is also the president of the Risk Management Institute of Australasia’s ACT Chapter, a position she has held since February 2019. 

Liana Dobson: Liana has a strong track record in delivering outcomes which are practical and sustainable. She has established a reputation for collaborative leadership, integrity and identifying new opportunities for business improvement. She seeks out complex problems and is known for high-level strategic thinking and delivering more than expected. Liana is flexible in her approach and can respond quickly to disruption by identifying appropriate levels of risk taking and managing program interdependencies. Liana works with senior executives to manage their difficult and sensitive challenges. Her focus is on complex governance reform and enterprise risk management.

Phil Forrest: Phil is a Director-level consultant based in Brisbane. He has an excellent understanding of the risk and bowtie methodology and how critical functions link enterprise risks to business continuity requirements. Phil has recently completed risk management projects for other clients including the Department of Home Affairs. 

Pricing (GST Inclusive)

RMIA Members: $1,287 Inc GST

Non-Members: $1,430 Inc GST

Group Bookings: For Group Bookings, please contact us via email on or by phone on 02 9095 2500.

Noetic Group Contact: If you have any questions, please email

Find the next MCC Event and REGISTER NOW!