CRM-E Canadian ERM Certification

RIMS Fellow - CRM-EThe workshop for CRM-E (enterprise risk management training), which is an adjunct to the Global Risk Institute’s Canadian Risk Manager designation, begins in Canada in Toronto on June 01.

I will be co-facilitating  the 3-day workshop in Toronto with John Bugalla. It is sponsored by RIMS, and is called  Enterprise-Wide Risk Management: Developing and Implementing (the name of the text). The first session will be a little experimental. John says many of the participants in the US version of this course (ARM-E) are not interested in writing the exam; we will have to see what the Canadian participants want to do. I created the content for the online exam for the CRM-E certification, and so I will be able to prepare students on that score.

Once we understand the background and requirements of the participants, we will be able to adjust the finer points of the approach. I have prepared a number of supplementary materials as back-up:

01-Organizational Planning Process
Shows relationship of Corporate identity; Environmental scan; Strategic/operational planning; Future scenarios; Risk assessment; Performance management; Program evaluation.
02-Corporate Governance
Diagram setting out roles & responsibilities of board; executive; audit authorities; risk owners/managers; and stakeholders.
03-Context Paper

Template with headings to establish the scope and assumptions of risk ID and assessment on a given plan, project, or policy.
04-Risk Register

A spreadsheet that accommodates all steps in the risk assessment, mitigation and monitoring process.
05-Risk Categories

A set of generic categories of sources of risk that can be used to facilitate the identification of risk. Also, a set of specialized risk criteria on new program implementation.
06-BCgov-Risk Dictionary
An elaborate set of generic risk categories applicable to organizational planning contexts — very useful for conducting comprehensive risk ID.
07-Likelihood and Consequence Descriptors
Suitable for operational and strategic contexts. Can be used as a preliminary model and modified according to organizational needs.
Links and references to information vital to ERM implementation and risk ID and assessment. For example: Environmental Scan; Risk Scenarios Planning; Compliance Pitfalls.
09-CRM-E Exam Study Guide

The CRM-E online exam consists of multiple choice and 4 short answer (text) questions. The Canadian and US (ARM-E) versions are distinct.
Key points on ERM implementation in the organization, as well as the risk ID and assessment process. Intended to help practitioners understand what is required to successfully implement a risk regime.

The Enterprise-Wide Risk Management: Developing and Implementing workshop is scheduled in Canada for Edmonton, Oct 17-19; and Vancouver, Nov 21-23.

Read More

Risk Assessment Template-Establish Context

2010-05-20 / How to do Risk Assessment / 2 Comments

Let’s take a look at the elements of a risk assessment template to Establish Context which you can use in the first step in the risk ID/assessment process. Keep in mind that this to establish context for an individual risk identification and assessment exercise on a given topic.

This is a list that has evolved over time, and can be modified to suit the risk context of your organization and line of business:

  1. Organizational Setting; Roles and Responsibilities
    You want to define the organizational unit that is responsible for this particular risk assessment.
  2. Planning/Program Setting and Time Frame
    In other words, what is the process, plan or project under review? There must be some sort of project charter or authoritative documentation.
  3. Goals and Objectives of the Plan/Program under Review
    NB – Not the risk management goals, but rather goals of the project you are scrutinizing for risk. List available work breakdowns.
  4. Environmental Scan: Key Trends and Conditions
    NB – these are not risks; rather, they are largely known. You can state the associated risks during your risk ID session.
  5. Procedural Standards / Organizational and Professional Value Criteria
    Even business rules, ethical guidelines  or customer service ideals – whatever guides the behaviour of your organization.
  6. Analysis of Participants / Stakeholders / Agents / Constituents
    The key here is to note their objectives and values – these can easily be sources of risk.
  7. Relevant Risk Categories
    Generic categories of risk, as well as specialized ones that are unique to your business, should be listed in preparation for the risk ID exercise.
  8. Procedural Constraints on Risk ID/Assessment Process
    NB – not constraints of the project; not risks – rather, known constraints of time/resources that will compromise your effort to conduct a comprehensive risk ID.
  9. Deliverable of the Risk ID/Assessment Process.
    Just to clarify to risk ID session participants what they must aim for.

Get the risk context statement reviewed and signed off by the project lead and round table members. The risk identification session itself then goes like clockwork, because you’ve clarified assumptions beforehand.

You can find detailed discussion to accompany the template in these posts:

How to do Risk Assessment-Establish the Context Part 1

How to do Risk Assessment-Establish the Context Part 2

Pitfalls in Writing the Risk Context Paper

Read More