This module encompasses a detailed examination into RCSA options, approaches andmethodologies including their purpose and design, tools, and their fit into an ERM framework.The content encapsulates a practical approach to implementing RCSAs, its fit into, and use as, a critical ORM tool as well as its critical stakeholders. Participants will be taken through a detailed case study and exercise over a complete RCSA lifecycle and will be given the opportunity of practicing their new skills via a mini RCSA practical workshop.

The module also takes participants through various Internal Control models and frameworks, including elements of COSO’s internal control framework – and their limitations.  Participants will also be exposed to the linkages between RCSA, Internal Control frameworks and best practice governance recommendations and practices, as well as Corporate Governance codes and principles.

There are many existing definitions of Corporate Governance (“CG”) and best practice guidelines vary from one international region to another. This program is designed to provide participants with a solid fundamental understanding of the origins, principles, development and current status of CG and CG standards. As a developing ERM practitioner, this program will help you gain the necessary skills and knowledge to utilise and move CG from value preservation activities towards value enhancement activities, principles, processes and concepts in relation to ERM. Participants will be instructed in how the concepts and basics of CG developed, as well as the roles of the various bodies and organisations key in its evolution, application and enforcement. The program includes instruction in effective CG drivers and how to establish, assess, improve and monitor effective CG programs in your organisation. The course provides participants with an overview of CG, its relevance to GRC concepts and how to achieve results through effective implementation of all of the above.

In this age of increasing cybersecurity threats, what is required is a prioritized, flexible, repeatable, performance based, andcost-effective approach. The program teaches a flexible way to address cybersecurity, including cybersecurity’s effect on physical, cyber, and people dimensions. This includes information security measures and controls – especially over critical infrastructure- to help organisations identify, assess, and manage cyber risks. Management and risk managers should focus onusing business drivers to guide cybersecurity activities and considering cybersecurity risks as part of the organization’s riskmanagement processes. This can assist organizations in addressing cybersecurity as it affects, amongst others, the privacy of customers, employees, and other parties. At the core of this program is a set of cybersecurity activities, outcomes, and informative references

that are common across sectors and critical infrastructure which organisations should bear in mind. Organizations can determine activities that are important to critical service delivery and can prioritize investments to maximize the impact of each dollar spent. The Framework taught enables organizations – regardless of size, degree of cybersecurity risk, or cybersecurity sophistication – to apply the principles and best practices of risk management to improving security and resilience.

Anyone involved in ERM or embarking on a career in ERM must have a sound practical grounding in the theories and practices of ERM – and its linkages to other relevant and associated disciplines, standards (e.g. BCM), and practices such as GRC, ESG, Anti bribery and corruption, etc. When implemented and utilised properly, ERM can become a driver for Commer­cial Sustainability as well as Organisation­al Agility and Resilience. This program coaches participants in how to achieve all of this. The module explains and re-emphasises the fundamentals of ERM, and shows how it can be utilised to drive strategy, performance, and the linkages to corporate governance and internal controls – and how to achieve all of this via a systematic, holistic and structured approach as well as the role and importance of culture in all of the above. Participants will also be taught how to apply strategic risk management concepts to enhance decision making processes and to add value to the business.