This course, presented by David Tattam, Chief Research and Content Officer at Protecht, covers both Compliance Management and Compliance Risk Management.
The focus is on the development of an efficient risk-based approach to compliance management and what that means in practice from recording compliance obligations to setting up a risk-based approach to monitoring compliance. The management of compliance risk is also covered using an ERM framework.
The course also covers the ISO 37301 standard and aligns the concepts to this standard.
Course overview
In this course, you'll learn:
1. Why we need compliance management
- Why we have regulations – society's risk appetite
- Organisation objectives related to compliance
- The changing face of compliance
2. What is compliance management and compliance risk management?
- Defining compliance
- Mandatory and voluntary requirements
- Scoping the compliance function
- Defining compliance risk management
3. What are compliance obligations?
- Sourcing obligations
- Translating into plain language obligations
4. Compliance risk and compliance controls
- ISO 31000 and ISO 37301 definitions of risk
- A risk-based approach to compliance
- The link to operational risk
- Introducing risk bow ties and the components of risk
- Controls over compliance and compliance risks
5. Compliance management
- Understand compliance obligations
- Convert to plain language
- Risk rating obligations
- Preparing the organisation to comply
- Manage ongoing compliance
- Compliance attestations
- Record and analyse results
- Reporting and analytics
6. Compliance change management
- Internal and external changes
- Risk managing external regulatory change
- Risk managing internal systems, process, people, product changes
7. Compliance risk management
- Applying ISO 31000 risk processes to compliance
- Assessing risks leading to noncompliance
- Linking obligations to risk bow ties
8. Risk appetite for compliance
- What is risk appetite for compliance risk?
- Setting an appetite for compliance risk
- What does “zero-appetite / tolerance” mean?
9. Compliance risk assessment
- Linking compliance to risk processes
- Incorporating compliance into risk and control self-assessments
10. Risk metrics for compliance risks
- Identifying risk metrics for compliance risk
- Determining thresholds for compliance risk metrics
- The risk metrics process
11. Compliance controls management
- Identifying key controls for compliance risk
- Obtaining assurance over key controls
- Controls testing and developing a test plan
12. Compliance incident management
- Defining a compliance breach
- Identifying a compliance breach
- Developing a process for breach management
- Meeting external requirements
- Setting up and managing a breach register
13. Compliance reporting
- Objectives of reporting
- Receivers of compliance reports
- Types of compliance reports
- Defining your reports
14. Compliance roles and responsibilities
- Introduction to the 3 lines model
- Compliance across the 3 lines
- Features of strong compliance culture
- Challenges and solutions for effective compliance management
Course expectations
- Watch 16 videos
- Answer 9 knowledge questions
- Answer 10 quiz questions
- 5 downloadable materials
Timings
- 4.5 hours of video content
- Approximately 5 hours for the whole course
Cost
-
US$600 payable by credit card on registration
Next steps
You can purchase this course on-demand via Protecht Academy by credit card.
Please contact Protecht directly if you would like to discuss packages to implement this training across your organisation. Bulk discounts are available and packages can be invoiced in your local currency.
Our trainers
David Tattam
Chief Research and Content Officer
David Tattam is the Chief Research & Content Officer and co-founder of the Protecht Group. David's vision is to redefine the way the world thinks about risk and to develop risk management to its rightful place as being a key driver of value creation in each of Protecht's customers.
David is the driving force in taking Protecht's risk thinking to the frontiers of what is possible in risk management and to support the uplift of people risk capability through training and content.
Michael Howell
Senior Manager, Research & Content
Michael Howell is Protecht's Research and Content Lead. He is passionate about the field of risk management and related disciplines, with a focus on helping organisations succeed using a ‘decisions eyes wide open’ approach.
Michael is a Certified Practicing Risk Manager whose curiosity drives his approach to challenge the status quo and look for innovative solutions.
David Tattam
Chief Research and Content Officer
David Tattam is the Chief Research & Content Officer and co-founder of the Protecht Group. David's vision is to redefine the way the world thinks about risk and to develop risk management to its rightful place as being a key driver of value creation in each of Protecht's customers.
David is the driving force in taking Protecht's risk thinking to the frontiers of what is possible in risk management and to support the uplift of people risk capability through training and content.
Prior to Protecht, David was the Chief Risk Officer and Head of Operations for the Australian operations of two global banks. He started his career as a Chartered Accountant and Auditor with Grant Thornton and PwC. He is also the author of A Short Guide to Operational Risk.
David is an Associate of the Institute of Chartered Accountants in Australia and New Zealand and a Senior Fellow of the Financial Services Institute of Australia. He is passionate about risk and risk management and in reaping the value that risk and good risk management can create for any business willing to embrace it.
Michael Howell
Senior Manager, Research & Content
Michael Howell is the Protecht Group’s Research and Content Lead. He is passionate about the field of risk management and related disciplines, with a focus on helping organisations succeed using a ‘decisions eyes wide open’ approach.
Michael is a Certified Practicing Risk Manager whose curiosity drives his approach to challenge the status quo and look for innovative solutions. Michael harnesses that curiosity in pursuit of risk knowledge, conducting research and developing content to support and advance risk methodology and product design at Protecht.
Michael’s industry experience includes managing risk functions, assurance programs, policy management, corporate insurance, and compliance.