
TechRisk Management - Foundation
Interactive risk training and certification for all experience levels
In this “information Age” organisations are dependent on Information Technology (IT). Advances in IT have enabled traditional businesses to deliver services in new ways, and completely new types of businesses to appear. So, while IT is a fundamental enabler of business in the 21st century, the accompanying opportunities and risks require managing.
This online course will equip you with an understanding of both IT-enabled opportunity and risk, and help you guide your organisation toward optimising IT risks.
Who should attend?
Vital Advisory’s 3-day TechRisk Management Foundation training (delivered online – 20 & 21 March, 2023) allows you to learn about key IT risk management concepts in a simple and pragmatic way. Although aimed at Foundational level, the course includes methods and insights which will reward experienced risk, assurance, and compliance professionals as well.
The course includes a Foundation Certificate exam.
The first of its kind, Vital Advisory’s TechRisk Management Foundation training is designed to assist:
+ Business leaders and executives
+ IT executives and leaders
+ Enterprise Risk professionals
+ Internal Audit and compliance professionals
+ InfoSec professional interested in expanding TechRisk knowledge (i.e., beyond cyber risks)
+ Founders or Senior Leadership team of Technology Companies who are interested in growing their revenue and building brand reputation
+ Anyone intending to pursue a career in TechRisk Management
Learning outcomes
+ Understanding the key concepts in TechRisk Management
+ Introduction to opportunity and risk
+ Understanding capabilities and processes needed to manage TechRisks effectively
+ Preparing for the next level of TechRisk implementation or audit training
Course Content
Course Schedule
+ Online
+ 20 & 21 March, 2023
+ 9am – 5pm
Part 1: What is TechRisk Management?
+ Key concepts and Principles of TechRisk Management
+ How TechRisks differ from other types of Enterprise Risks, especially Cybersecurity Risks
+ Risk management and TechRisk management frameworks and approaches (including ISO 31000, COSO ERM, COBIT 2019, COBIT 5 for Risk, and ISO27001)
+ Introduction to risk culture and understanding it’s importance whilst managing TechRisks
+ Changing the narrative about and approach towards TechRisk ManagementPart 2: Why manage technology risks in a structured way?
+ Challenges with TechRisk Management
+ Drivers and benefits of managing TechRisk Management effectively
+ Understanding the business and its objectives in the context of TechRisk Management
+ TechRisk Myth Busters:1. Not just about technology
2. Management vs. Mitigation
3. Processes vs. Function
4. Risk or Compliance team’s job
5. Cybersecurity team’s job
6. Positive vs negative risk managementPart 3: What does TechRisk Management involve?
+ The Role of a TechRisk Management in an organisation
+ Expressing TechRisk assessment and acceptance criteria in business terms
+ Establishing effective risk governance – roles, responsibilities, and authorities (incl 3LOD)
+ Skills, knowledge, and competence requirements for TechRisk Management
+ Introduction to risk management processes
+ Using a TechRisk Management Framework (TRMF) to manage TechRisk Capabilities and Processes
+ Establishing effective risk governance – roles, responsibilities, and authorities (incl 3LOD)
+ Assigning risk and control ownership
+ The role and composition of a TechRisk Function
+ Integration of TechRisk Management with Enterprise Risk Management as well as Cybersecurity Risk ManagementPart 4: TechRisk Management Processes
+ Identifying ‘key’ risk scenarios
• Understanding the business and its systems and processes
• Aligning ‘key’ risk scenarios with business objectives (e.g., using the Top-down and Bottom-up approach and Bow-tie model)+ Assessing risks
• Understanding inherent, current, and residual risk states
• Controls assessment techniques
• Quantitative and qualitative risk assessment+ Evaluating and treating risks
• Evaluating risks for acceptance or treatment
• Identifying and selecting risk response options
• Assigning risk and control ownership
• Using a capabilities framework
• Risk treatment prioritisation+ Risk reporting and monitoring
• Monitoring risks with KRIs
• Risk reporting techniques and pitfalls (including risk aggregation, heat maps)Part 5: TechRisk Management Foundation Exam
+ 50-minute duration
+ 50 multiple choice questions (MCQ)
+ 60%+ score to pass (i.e., 30 or more correct answers required to pass from 50 available MCQ)
+ Paper-based closed book exam
For bookings or further information, call our Registration Desk on +61 410 379 407.
Training backed by experience
Our trainers have extensive experience in developing and delivering TechRisk Management capabilities with organisations of all sizes. They will facilitate interactive sessions during this training where participants are encouraged to discuss and explore their TechRisk management challenges and build potential solutions.
Our Trainers:
CONTACT
If you’d like to discuss our TechRisk Management Foundation training, please contact Paras Shah on +61 420 978 258. For bookings, please contact our registration desk on +61 410 379 407.