In this course, David Tattam, Chief Research and Content Officer at Protecht, focuses on improving knowledge and skills in relation to setting risk appetite and tolerance for your organization’s key risks.
The setting of an organization's risk appetite is a critical component of a robust risk management framework.
By the end of this course, you will gain insights into how to develop a comprehensive Risk Appetite Framework and Risk Appetite Statement for your organization.
Course Description
In this course, you'll learn:
1. The uses and value of risk appetite
- Freedom to operate
- Escalation and reporting
- Decision making
- Assurance
2. What risk appetite is and what it means
- The concept of risk appetite
- Appetite, tolerance, capacity
3. Risk appetite framework
- Risk appetite and ISO 31000
- Risk appetite as part of your ERM framework
- The relationship between risk and reward
4. Determining risks to set appetite for
- Linking to risk taxonomy
- How granular?
5. Articulating risk appetite
- Qualitative, quantitative and semi quantitative
- Appetite for inherent and/or residual risk
- The various ways risk can be measured and appetite articulated
- A suggested framework for articulation
- Qualitative
- Quantitative – risk tolerances
- Semi quantitative – risk matrix
- Prohibition statements
6. Appetite articulation and appetite evaluation zones
- Qualitative appetite zones
- Escalation zone
7. Setting appetite and tolerance for outcomes and risks
- Setting appetite for outcomes
- Setting appetite for risks
- Setting boundary thresholds
- Visualising risk appetite and tolerances
8. Using the likelihood and impact matrix
- Limitations of the risk matrix for risk appetite
- Modifications needed to reflect risk appetite
9. Setting risk tolerances for financial and non-financial risks
- Practically setting risk appetite
- The principles of setting risk appetite
- Setting risk appetite for financial risks
- Examples of financial risk categories and measures
- Setting risk appetite for operational risks
- Setting risk appetite for strategic risks
10. The risk appetite statement
- Content and Format – A blueprint RAS
11. Operationalizing the risk appetite
- Cascading through the business
- Artefacts to use: policies, delegations etc.
12. Risk reporting using the risk appetite
- Purpose of risk appetite reporting
- Examples of reporting against risk appetite
13. Responsibilities for risk appetite
- Roles, responsibilities and ownership
- Who uses risk appetite
14. When risk appetite is revised
- Dynamic risk appetite
- Integration into strategic planning
- Reviewing tolerance levels
Course expectations
- Watch 23 videos
- Answer 4 knowledge questions
- Complete 1 interactive risk appetite test
- Answer 10 quiz questions
Timings
- 3 hours of video content
- Approximately 4 hours for the whole course
Cost
-
US$600 payable by credit card on registration
Next steps
You can purchase this course on-demand via Protecht Academy by credit card.
This course has been approved by the International Institute of Risk and Safety Management for the period covering March 2024 - September 2025. Find out more about the IIRSM.
Please contact Protecht directly if you would like to discuss packages to implement this training across your organization. Bulk discounts are available and packages can be invoiced in your local currency.
Our trainers
David Tattam
Chief Research and Content Officer
David Tattam is the Chief Research & Content Officer and co-founder of the Protecht Group. David's vision is to redefine the way the world thinks about risk and to develop risk management to its rightful place as being a key driver of value creation in each of Protecht's customers.
David is the driving force in taking Protecht's risk thinking to the frontiers of what is possible in risk management and to support the uplift of people risk capability through training and content.
Michael Howell
Senior Manager, Research & Content
Michael Howell is Protecht's Research and Content Lead. He is passionate about the field of risk management and related disciplines, with a focus on helping organisations succeed using a ‘decisions eyes wide open’ approach.
Michael is a Certified Practicing Risk Manager whose curiosity drives his approach to challenge the status quo and look for innovative solutions.
David Tattam
Chief Research and Content Officer
David Tattam is the Chief Research & Content Officer and co-founder of the Protecht Group. David's vision is to redefine the way the world thinks about risk and to develop risk management to its rightful place as being a key driver of value creation in each of Protecht's customers.
David is the driving force in taking Protecht's risk thinking to the frontiers of what is possible in risk management and to support the uplift of people risk capability through training and content.
Prior to Protecht, David was the Chief Risk Officer and Head of Operations for the Australian operations of two global banks. He started his career as a Chartered Accountant and Auditor with Grant Thornton and PwC. He is also the author of A Short Guide to Operational Risk.
David is an Associate of the Institute of Chartered Accountants in Australia and New Zealand and a Senior Fellow of the Financial Services Institute of Australia. He is passionate about risk and risk management and in reaping the value that risk and good risk management can create for any business willing to embrace it.
Michael Howell
Senior Manager, Research & Content
Michael Howell is the Protecht Group’s Research and Content Lead. He is passionate about the field of risk management and related disciplines, with a focus on helping organisations succeed using a ‘decisions eyes wide open’ approach.
Michael is a Certified Practicing Risk Manager whose curiosity drives his approach to challenge the status quo and look for innovative solutions. Michael harnesses that curiosity in pursuit of risk knowledge, conducting research and developing content to support and advance risk methodology and product design at Protecht.
Michael’s industry experience includes managing risk functions, assurance programs, policy management, corporate insurance, and compliance.