- An outline of Corporate Governance;
- The eight facts of business life as regards risk management;
- The nature of risk;
- Types of risk, including Credit, Market and Operational;
- How all business risk can be said to fall under the umbrella of Operational Risk;
- How risk is identified;
- What is a risk, and what is simply a control not working;
- Identifying Risk Parameters including Asset Types under threat, and Risk Appetite;
- The need to manage risk, not simply to measure it;
- Risk Management Standards – UK and Australia/New Zealand standards;
- Moving from the general to the specific with a discussion on Sarbanes–Oxley as an example.
The delegates, as a group, discuss the bank detailed in the case study and determine the overall risk parameters, which are then fixed for the rest of the case study sessions. They will identify what "assets" the bank would consider to be under threat and how important each one is; the types of Corporate Risks this bank may be subject to; and what weighting should be given to each of the Risk Planning parameters within the bank.
From a detailed written description of the bank's Electronic Banking activity, small groups of delegates are asked to determine an acceptable Risk Appetite; establish what range of values would constitute high risk, medium risk and low risk; identify the key risks and assign them to an asset category and Impact and Probability category. In addition each risk will be assigned to an Objective linked to the bank's overall Strategy if delegates feel this is required.