Controls design and assurance.

Your internal control framework and individual controls are the front line in managing your risks, yet they are often misunderstood, neglected and operating inefficiently and ineffectively.

This course presented by David Tattam, Chief Research and Content Officer at Protecht, is focused on providing a deep understanding of controls to enable optimally designed controls to be implemented to achieve maximum effect for minimum cost.

Once we are comfortable that we have a well-designed controls framework, we need to gain assurance that our key controls are working effectively. Having a robust controls assurance function is key.

The course will take you through best practice in controls assurance to allow you to benchmark your existing process or assist in building an effective and efficient function.

Course overview

In this course, you'll learn:

1. The purpose and value of controls and controls management

• The value add of controls management
• Key objectives of controls and controls management
• Controls as enablers

2. What are risks, treatments and controls?

• Understanding objectives and critical processes
• Components of risk
• Introduction to the risk bow tie method
• Treatment methods

3. Types of controls and control frameworks

• Types of control classifications
• Benefits of control classifications
• Control taxonomies
• What is and is not a control
• Introduction to control frameworks

4. How controls modify risk

• Measures of risk
• Side effects of controls
• How different types of controls modify risk

5. Measuring controls

• Difference between effectiveness of individual controls and
• Groups of controls
• Key elements to determine control effectiveness

6. Control objectives

• Importance of well articulated control objectives
• A method to consistently articulate control objectives
• Alternative control objective methodologies

7. Designing effective controls

• Starting with control objectives
• Factors to consider when assessing design effectiveness

8. Operating effective controls

• Factors to consider when assessing operating effectiveness

9. Control assurance

• Components of control assurance
• Types of control tests
• Sources of information about controls
• Overview of sampling methods
• Measuring control effectiveness

10. Controls assessment

• Assessing groups of controls
• Using bow ties to identify control gaps

11. Issues & actions

• Types of issues identified during controls management
• Considering treatment methods and cost of controls

12. Controls reporting

• Reporting for controls
• Providing controls assurance through reporting
• Escalation, response and issues and action management

13. Control ownership and culture

• Reinforcing the three lines of defense
• Ownership, accountability and responsibility for controls
• Building a strong control culture

Course expectations

• Watch 25 videos
• Answer 9 knowledge questions
• Answer 10 quiz questions
• 4 downloadable materials

Timings

• 4 hours of video content
• Approximately 5 hours for the whole course

Cost

• US$600 payable by credit card on registration

Next steps

You can purchase this course on-demand via Protecht Academy by credit card.

This course has been approved by the International Institute of Risk and Safety Management for the period covering March 2024 - September 2025. Find out more about the IIRSM.

Please contact Protecht directly if you would like to discuss packages to implement this training across your organization. Bulk discounts are available and packages can be invoiced in your local currency.