Risk Management
This workshop provides a comprehensive introduction to risk management principles and practices. Grounded in ISO 31000 and the COSO ERM framework, the course equips participants with the tools to identify, assess, respond to, and monitor risks in any organizational context—from a single project to an enterprise-wide program. Practical case studies using General Motors bring the concepts to life throughout the course.
What you'll learn
- Define risk and risk management
- Describe the COSO ERM cube and ISO 31000
- Establish a risk management context
- Describe the 7 Rs that form the framework of risk management activities
- Design and complete a basic risk assessment
- Determine the appropriate response to risks and create a plan for those responses
- Describe the key components of reporting, monitoring, and evaluation of a risk management program
Preview a lesson
What Is Risk?

Risk is a concept that affects every organization, regardless of size or industry. The **ISO 31000** risk management standard defines risk as *"the effect of uncertainty on objectives."* In other words, a risk is any deviation—positive, negative, or neutral—from what you expect to happen.

Risks generally fall into one of four areas:

- **Strategic risks** — related to your organization's long-term direction (three, five, or more years out)
- **Change management risks** — arising during mergers, restructuring, or other major transitions
- **Operational risks** — affecting the day-to-day running of the business
- **Financial risks** — threatening the overall financial health of the organization

It is important to remember that risk is not always negative. An unexpected drop in supply costs, for example, is a positive risk. Your goal is to be aware of and prepared for all types of deviation.

Common Examples of Risk

Risks can emerge from many sources, including:

- Government regulation or shifting economic and social conditions
- Changes in key partnerships, vendor relationships, or supply sources
- Labor market fluctuations affecting workforce availability and cost
- Integration challenges with IT or communications systems
- Legal or privacy restrictions on information access
- Security incidents that disrupt operations

Quantitative vs. Qualitative Risks

Risks can be classified as **quantitative** (those with a clearly measurable impact on time, money, or resources) or **qualitative** (those that
…Enroll to read the rest and the full curriculum.
Curriculum
Understanding Risk
4 lessons
- Text: What Is Risk? (Preview)
- Text: What Is Risk Management?
- Text: Key Models: COSO ERM and ISO 31000
- Quiz: Module 1 Knowledge Check

Assessing Risk
3 lessons
- Text: The Risk Management Activities Framework
- Text: Identifying and Evaluating Risks
- Quiz: Module 2 Knowledge Check

Responding to Risks and Resourcing Controls
3 lessons
- Text: The Four T's: Risk Response Strategies
- Text: Resourcing Controls
- Quiz: Module 3 Knowledge Check

Reaction Planning, Reporting, and Monitoring
3 lessons
- Text: Reaction Planning: Preparing for the Worst
- Text: Reporting and Monitoring Your Risk Program
- Quiz: Module 4 Knowledge Check

Reviewing and Evaluating the Framework
2 lessons
- Text: Reviewing and Improving Your Risk Management Program
- Quiz: Module 5 Knowledge Check
