Risk appetite statements and frameworks.

In this course, David Tattam, Chief Research and Content Officer at Protecht, focuses on improving knowledge and skills in relation to setting risk appetite and tolerance for your organisation’s key risks.

The setting of an organisation's risk appetite is a critical component of a robust risk management framework.

By the end of this course, you will gain insights into how to develop a comprehensive Risk Appetite Framework and Risk Appetite Statement for your organisation.

Course overview

In this course, you'll learn:

1. The uses and value of risk appetite

• Freedom to operate
• Escalation and reporting
• Decision making
• Assurance

2. What risk appetite is and what it means

• The concept of risk appetite
• Appetite, tolerance, capacity

3. Risk appetite framework

• Risk appetite and ISO 31000
• Risk appetite as part of your ERM framework
• The relationship between risk and reward

4. Determining risks to set appetite for

• Linking to risk taxonomy
• How granular?

5. Articulating risk appetite

• Qualitative, quantitative and semi quantitative
• Appetite for inherent and/or residual risk
• The various ways risk can be measured and appetite articulated
• A suggested framework for articulation
  • Qualitative
  • Quantitative – risk tolerances
  • Semi quantitative – risk matrix
• Prohibition statements

6. Appetite articulation and appetite evaluation zones

• Qualitative appetite zones
• Escalation zone

7. Setting appetite and tolerance for outcomes and risks

• Setting appetite for outcomes
• Setting appetite for risks
• Setting boundary thresholds
• Visualising risk appetite and tolerances

8. Using the likelihood and impact matrix

• Limitations of the risk matrix for risk appetite
• Modifications needed to reflect risk appetite

9. Setting risk tolerances for financial and non-financial risks

• Practically setting risk appetite
• The principles of setting risk appetite
• Setting risk appetite for financial risks
• Examples of financial risk categories and measures
• Setting risk appetite for operational risks
• Setting risk appetite for strategic risks

10. The risk appetite statement

• Content and Format – A blueprint RAS

11. Operationalising the risk appetite

• Cascading through the business
• Artefacts to use: policies, delegations etc.

12. Risk reporting using the risk appetite

• Purpose of risk appetite reporting
• Examples of reporting against risk appetite

13. Responsibilities for risk appetite

• Roles, responsibilities and ownership
• Who uses risk appetite

14. When risk appetite is revised

• Dynamic risk appetite
• Integration into strategic planning
• Reviewing tolerance levels

Course expectations

• Watch 23 videos
• Answer 4 knowledge questions
• Complete 1 interactive risk appetite test
• Answer 10 quiz questions

Timings

• 3 hours of video content
• Approximately 4 hours for the whole course

Cost

• US$600 payable by credit card on registration

Next steps

You can purchase this course on-demand via Protecht Academy by credit card.

This course is aligned with the RMIA's certification pathways for Certified Practicing Risk Associate and Certified Practicing Risk Manager. It can be purchased as part of a learning plan towards these qualifications. Find out more about RMIA certifications.

This course has been approved by the International Institute of Risk and Safety Management for the period covering March 2024 - September 2025. Find out more about the IIRSM.

Please contact Protecht directly if you would like to discuss packages to implement this training across your organisation. Bulk discounts are available and packages can be invoiced in your local currency.