Advanced Governance, Risk and Compliance (GRC)

Corporate governance and risk management are critical topics attracting more attention in business schools and legislative bodies in public and private organizations. While there are different corporate governance and risk management models, all aim to control risks effectively and organize the relationship between a company and its stakeholders. What is more important is that governance, risk management, compliance, and adequate internal controls are all part of one system. Unfortunately, not all companies have this avant-garde approach toward this system. This course includes discussions about board structures, committees, and their functions while covering the detailed process of managing risks per the Committee of Sponsoring Organizations (COSO) of the Treadway Commission requirements compared to ISO standards. In addition, this course includes a module on compliance per the ISO standards that covers the latest developments in this area.

Advising on the GRC system Advising on the structure of the board of directors Establishing board committees Advancing board policies Improving risk management functions Expanding compliance functions

Day One: Corporate Governance and its Tools: Risk Management, Compliance & Internal Audit Corporate governance; definition, concept, rules, principles What are the barriers and obstacles to actually enforce it? How to implement corporate governance in reality? Board’s committees; roles and responsibilities Identifying the audit committee role and responsibilities Risk management, compliance & internal audit overlapping & how to overcome it? Cooperation & collaboration among this triangle functions Main thoughts to improve corporate governance Day Two: Risk Management; All You Need To Know About It Risk management fundamental concepts, universe & principles Risk management framework; policies, methodologies and infrastructure Risk management limitations with traditional approaches to risk management Key performance indicators (KPI) vs. Key risk indicators (KRI) What is a risk register & how to create one? Business continuity planning vs. Disaster recovery plan Risk control self-assessment (RCSA) Role & responsibilities of the risk champions Day Three: Identifying Different Categories of Organizational Risks in your Organization Financial risk / credit risk / liquidity risk Operational risk Non-compliance risk Systematic risk vs. Systemic risk Political risk / sovereign risk / country risk Strategic risk / legal risk / reputational risk Fraud risk / ethical behavior risk / criminal behavior risk ESG, digital, cyber, and technology risks Day Four: Risk-Based Compliance & Risk-Based Internal Audit Compliance new approach; risk-based compliance Role, duty, objective and responsibility of a compliance officer What is the specific profile for a compliance officer? Money laundering threats and methods & terrorist financing threats and methods What is risk-based internal auditing? How & why audit units move into risk based audit The transition from system-based to risk-based internal auditing Risk-based audit approach and risk-based audit methodology Auditing the control environment Day Five: Role of The Board Towards Strengthening & Augmenting Governance Process Role of the board Business plan vs. Strategic plan Strategic planning and strategic management Risks in focus 2025 and how organizations can tackle Controlling fraud; the fraud triangle and the fraud diamond Auditing corporate governance OMBUDS process (whistleblowing) Business and financial lessons learnt