Register early for the Certification in Objective-Centric Risk & Certainty Management certification course and save 50% as an early adopter.
The course is scheduled to be available end of March or early April 2021.
Practical, step-by-step training to equip you, your risk management function, and/or internal audit department professionals to implement and maintain the newest generation of enterprise risk management (ERM) and Internal audit – objective-centric risk and certainty management.
Whether you are a risk management or internal audit professional there are clear signs that the future of both professions is objective-centric risk and certainty management.
In 2017 COSO issued new enterprise risk management (ERM) guidance titled Enterprise Risk Management: Integrating with Strategy and Performance. It calls on risk professionals to transition from risk-centric and risk register based ERM to one that focuses on assessing the risk/certainty linked to top strategic/value creation and value preservation objectives and directly linking risk assessments with performance data.
ISO 31000 2018, the global risk management standard, defines risk as “effect of uncertainty on objectives”. The introduction opens with: "Organizations of all types and sizes face external and internal factors and influences that make it uncertain whether they will achieve their objectives ... Managing risk is iterative and assists organizations in setting strategy, achieving objectives and making informed decisions."
In the internal audit space, the IIA issued Sawyer's Internal Auditing: Enhancing and Protecting Organizational Value, 7th Edition in 2019. The book chronicles an evolution in internal audit methods/thinking. The most modern evolved internal auditor that started to emerge in 2015 is coined “the Objective-Based Auditor”.
- 1941 - the Internal/External Auditor
- 1970 - the Internal Control Process Auditor
- 1990 - the Risk-Based Auditor
- 2000 - the Risk Management-Based Auditor
- 2015 - the Objective-Based Auditor
Dan Clayton, one of the principal authors of this IIA Sawyer update, gave a progress report in February 2021 in a LinkedIn post. His conclusion was not encouraging: “Many internal auditors are still producing the original internal audit value from 1941.”
In 2020 the IIA updated the original THREE LINES of DEFENSE, and issued the new THREE LINES MODEL. Even a quick scan of the overview diagram below makes it clear that 1st and 2nd “LINES” focus is “Actions (including managing risks) to achieve organizational objectives”. The focus of the 3rd LINE is defined as “Independent and objective assurance and advice on all matters related to the achievement of objectives”. The role of the “GOVERNING BODY” is “organizational oversight”. Given the roles defined for 1st/2nd/3rd lines, it's clear the board’s job is to oversee risk/certainty top value creation and preservation objectives are achieved.
For Boards of Directors, powerful institutional investors are escalating pressure on boards to demonstrate that they are effectively overseeing strategic planning and risk management. The International Corporate Governance Network (ICGN), a global not-for-profit representing companies with assets under management totaling over $26 trillion, calls on investors to start by focusing their attention on the boards of investment companies:
“The risk oversight process begins with the board. The unitary or supervisory board has an overarching responsibility for deciding the company’s strategy and business model and understanding and agreeing on the level of risk that goes with it. The board has the task of overseeing management’s implementation of strategic and operational risk management”.
Benefits of Objective Centric Risk Management
- All efforts are focused on increasing/managing the certainty of achieving top strategic/value creation and value preservation objectives, objectives key to a company’s long-term success.
- Accountability to assess/report on risk/certainty is positioned squarely with management most responsible for achievement of the objective(s) and reacting quickly when new risk information and opportunities emerge, and/or performance data indicates major problems.
- The focus of 2nd LINE is to help 1st line be the primary risk/certainty assessor/reporters. The 1st Line provides primary status data to the CEO and Board. The focus of the 3rd LINE is to assess and report opinions to the Board on the reliability of the risk/certainty status information the Board gets.
- The C-suite with Board oversight defines the top strategic/value creation and value preservation objectives they want risk/certainty information on. Risk management and Internal Audit move from being “supply driven” to “demand driven” by their customers. A much safer place to be.
- CEOs/Boards (RM/IA customers) specify the objectives important enough to warrant the cost of formal risk/certainty assessment and they specify the target level of risk/certainty assessment rigor. Risk/certainty assessment rigor options range from “intuitive/experiential” done by an Owner/Sponsor with or without facilitator assistance taking as little as an hour, to the most advanced risk/decision support methods available that may require many weeks, even months of time/effort.
- Professionals taking this certification training are well positioned for future positions in 1st/2nd/3rd line groups in public and private sector organizations that buy the business case for objective centric risk and certainty management.
- All the LINES are focused on assessing/reporting on the risk/certainty of achieving the company’s most important objectives. The goal – better data to make important decisions. For the first time, all the LINES use a common taxonomy and method to assess and report on risk/certainty of achieving top objectives.
- Boards/companies are able to demonstrate to powerful institutional investors and regulators they are overseeing strategic planning, the effectiveness of the company’s risk management framework, and effectiveness of internal audit.
- The value added by risk functions and internal audit is increased exponentially per dollar of spend.
Who the cORCM Certification Course if For:
- Internal audit professionals
- Risk management professionals
- 1st line function professionals and managers
- 2nd line function professionals and managers
The cORCM Certification Course includes:
- Strong 1st Line Objective Centric Risk & Certainty Management: The big picture, business case, and linkages to COSO ERM 2017, ISO 31000 2018 and IIA 2020 THREE LINES MODEL.
- Selling the business case and overcoming objections to strong 1st LINE/demand driven/objective centric risk and certainty management.
- Populating the Objectives Register: Methods to decide on/identify top strategic/value creation objectives and value preservation objectives and assign Owner/Sponsors, target risk/certainty assessment rigor, and target independent assurance.
- Identifying risks: introduction to 10 primary methods to identify risks to an objective and 30 to 40 more additional supplemental methods to identify/assess risks that effect certainty objectives will be achieved
- Methods to identify risk treatments available to mitigate risk/transfer risk/share risk/finance risk/avoid risk/accept risk. Methods include using a 9 category Risk Treatment Principles/100+ sub-element framework and other methods including research, benchmarking, facilitation prompts and many more.
- Creating a reliable picture of the current Residual Risk Status/Certainty linked to top objectives for decision makers, including best available performance data, impacts of non-achievement of the objective, impediment data, and accepted and unacceptable concerns/unmitigated risk situations. This step defines the an organization’s true “risk appetite/tolerance”.
- Reporting results to Owner/Sponsors/C-suites/Boards: Recommended reports and summary commentary from CROs/CAEs.
- 6 Level quality assurance framework: Ensuring that the C-Suite and Board are getting materially reliable information on current risk/certainty linked to top strategic/value creation objectives and value preservation objectives
- Selecting software to support OCRCM: Lessons learned since 1996 building and implementing objective centric software systems. Beware of vendors who say their software can be configured to do anything/everything.
- Core skills to successfully facilitate objective centric risk and certainty management assessments using CertaintyStatusLine – lessons from a 35 years of facilitating workshops around the world.
- Using objective centric risk and certainty management for SOX 404/SOX like risk/control assessments to identify the balance sheet/income statement line items/XBRL codes with unacceptable residual risk/certainty.
When you are ready to start using the speed of 5G internal auditing and risk management, the cORCM certification course is exactly right for you.
Organizations are requesting objective-centric, demand-driven, and stronger 1st line functions, that is exactly what you learn to do in this certification course.
Take your career to a new level when you get in on the ground floor of this radical shift to risk management and internal audit.
BONUSES WHEN YOU REGISTER NOW FOR THIS CERTIFICATION COURSE:
- Templates and tools to implement OCRCM at your organization ($1,000+ value)
- Certification exam and study material included as part of the course for free ($500-$1,000 value)
- The Certification in Objective-Centric Risk & Certainty Management (cORCM) professional designation when you pass the exam at the end of the course.
- Use your cORCM designation on LinkedIn and your resume / CV for life proving to others you know how to use objective-centric risk & certainty management and assurance approach.
- No travel necessary ($2,000+ savings)
Tim is founder and Managing Director at Risk Oversight Solutions. His focus for the past 30 years has been promoting the business case for, and helping organizations implement, strong management driven objective centric risk and certainty management. He has received awards for outstanding contributions from CPA Ontario, IIA, ACFE and OCEG. His work in the field of strategy and risk governance has been recognized by articles published by Harvard and Columbia Universities, London School of Economics, the IIA, Conference Board, and many others.
He has taught tens of thousands of board directors, senior executives, risk specialists and internal auditors around the globe. In December 2019 Richard Chambers named Tim to his list of the top 10 internal audit and risk thought leaders of the decade globally.
He has provided training and advice to major corporations around the world including Mobil, Shell, Telstra, NAB, KPMG, RBC, CIBC, MBNA, Manulife, Canadian federal government, BellSouth, Sonera, Rabobank, Telecom Italia, ABN Amro, Novartis, TMX, City of Burlington, public sector organizations at all levels, SVG Capital, and hundreds of others.