The Institute of Enterprise Risk Practitioners (IERP®) is the world’s first and leading certification institute for Enterprise Risk Management (ERM).

Image Alt

Enterprise Risk Professional (ERP™)

  /    /  Enterprise Risk Professional (ERP™)
A man who is a certified enterprise risk management professional is climbing the stairs.

An Advanced-Level Course for ERM Movers and Shakers

Empower yourself with practical skills and tools to champion the effective implementation of enterprise risk management (ERM). Familiarise yourself with the internationally acclaimed objective centric risk management and ERM approach. Building on the Enterprise Risk Manager (ERM®) certification program, the ERP® certification is well-suited to senior management professionals or those seeking to take on leadership positions in risk management or corporate stewardship within their organisations.

Learn how to deploy ERM as a key driver of performance and achieve commercial sustainability, resilience, and agility. As a certified enterprise risk management professional, you will be able to evaluate internal and external issues affecting your organisation and guide the business towards achieving its strategic objectives. You will also be well-versed in the relationships between various management concepts, including Digital Risk Management and Operational Risk Management, critical to the successful implementation of advanced levels of ERM, Strategy, and BCM and DRP frameworks, as well as ESG risk management.

Whether you’re looking to enhance the risk function in your organisation or take a leap in your career development, this 8-day advanced ERM program will build on your existing expertise, deepen your knowledge, and provide you with the confidence to make bold strategic decisions.

Are you interested in being a certified enterprise risk management professional? Get in touch with our team at the IERP® to know more about this training program.

Summary Info

  • Delivery method : In-person, virtual training
  • Duration : 8 modules over 8 Days
  • CPE hours : 64 hours

Certification Modules

To become fully certified, participants will have 3 years to complete all training modules. Registration for individual training modules is also available.

Enterprise Governance (6 November 2023)

The focus of this module is to inculcate participants with a sound grasp of the many difficult leadership, strategy and policy questions in relation to Corporate and Enterprise Governance within an organization. Topics covered include Crisis prevention, Empowering the board, Strategic audits, the difference between Managed corporations and Governed corporations, and many more.

Crisis Communication and Management (7 November 2023)

Every organization is vulnerable to crises. The days of playing ostrich – burying you head in the sand and hoping the problem goes away – are gone. You can try, but your stakeholders will not be understanding or forgiving. If you don’t prepare, you will incur more damage. Experience demonstrates that organizational leadership often does not understand that in the absence of adequate internal and external communications, operational response will break down; stakeholders will not know what is happening and quickly become confused, angry, and negatively reactive; the organization will be perceived as inept, at best, and criminally negligent, at worst; the length of time required to bring full resolution to the issue will be extended, often dramatically; and the impact to the financial and reputational bottom line will be more severe.

This programs takes Enterprise Risk Professionals through the fundamental concepts and shows how the principles covered during the program will guide them in not just surviving the onslaught of any crisis, but emerging after the crisis with a stronger business and wiser team.

Investment Risk Management (8 November 2023)

This module has been designed to ground the participants in the quantitative and qualitative investment risk management issues which senior risk professionals will be expected to deal with. The range and characteristics of the topics covered ensures adequate broad coverage over the entire spectrum of practices, frameworks, and analytical techniques. Course content includes the application of investment risk management in a practical context, pragmatic evaluation and analysis of risks to enable balanced risk reporting and decision making, and forward planning in anticipation of future investments risks and preparing for mitigation measures.

Participants will also be guided through practical Investment Planning and Investment Management processes and policies as well as effective Portfolio Management processes. The program also guides participants in establishing effective Investment Risk Management processes and reporting.

Advanced Fraud Risk Management and Anti-Bribery Management Systems (ABMS) (9 November 2023)

The design of this program provides senior participants with a firm grounding in the purpose and aims of fraud risk management, as well as how to go about designing establishing and running such a framework in the participants organisation. Participants will study the practical design and establishment of effective fraud risk management frameworks, processes, policies and procedures including investigative procedures from an ERM perspective. The program also provides relevant guidance in establishing appropriate fraud risk management reporting and oversight and how to recognise and deal with red flags. Numerous workshop exercises are incorporated into the program’s learning design to ensure optimal learning and application of concepts.

Technology and Data Risk (22 December 2023)

Technology and Data risks, synonymous with modern organisational activities, are becoming more prominent—and more dangerous. In response, many organisations simply deploy their considerable IT expertise on patching holes, maintaining systems, and meeting regulations – or just set up specialized teams to cope with acute problems such as cybersecurity. But these half-measures are unlikely to afford sufficient protection. An IT-oriented approach may be unable to account for wider business implications and operational as well as strategic interdependencies.

The adequate mitigation of technology and data risk requires a coordinated effort that goes beyond IT-centred remedies. Leading organisations are creating specialized teams within the enterprise-risk-management group to manage technology and data risk across the organisation.

This program covers the tools, principles, frameworks and practices that these teams need to employ to stay well connected and integrated with the rest of the organisation, to develop the skills needed for these complex jobs, and to drive transformation and remediation activities to ensure a successful conclusion.

Value Creation through ESG (Environment, Social and Governance) (28 November 2023)

Whether companies are subject to ESG (environmental, social, governance) related regulations or otherwise, there is an expectation on the part of investors and regulators for Corporations to address ESG impacts and to incorporate this broader perspective into their strategy and decisions. In practice, therefore, Corporations should expand their remit and start to delve into the various ESG aspects relevant to their entities.

The context in which businesses now operate has been transformed by climate change, nature loss, social unrest around inclusion and working conditions, Covid‑19 and changing expectations of the role of corporations. The Covid-19 pandemic has exposed the fragility of our global systems. It has exacerbated underlying and longstanding failures regarding equality access to economic opportunities and is unfolding at the same time as a mounting climate crisis.

To continue to thrive, companies need to build their resilience and enhance their licence to operate, through greater commitment to long‑term, sustainable value creation that embraces the wider demands of people and planet.

Implementing ISO 31000 effectively (30 November 2023)

All organisations face the increasingly complex challenge of managing a wide variety of risks and opportunities effectively. ISO 31000 provides the principles, framework and process for managing any form of risk in a transparent, systematic and credible manner within any scope or context to ensure the achievement of organisational objectives and to improve the quality of decision-making.

The module includes practical studies and discussions on the principles of risk management, frameworks for the management of risk, various tools and techniques for risk assessments, and links to other management systems. Upon completion of the program, participants will have a sound grasp of the practical issues and considerations relating to the effective organisational implementation of ISO 31000. This will enable their organisations to enjoy the benefits accruing to overall organisational performance – through effective risk monitoring and improvement techniques – and to achieve organisational sustainability, agility and resilience.

Emerging Risk and Black Swans (1 December 2023)

As humans, we commonly only see the things that are directly in front of us. Traditional risks are easily predictable and straightforward. Emerging risks are influenced by several characteristics that sets them apart from traditional risks. They are ambiguous, highly dynamic and uncertain in nature. The problem with emerging risks is that it may take place, quickly, at unexpected times, or not at all. This makes it difficult to identify and prepare for.

In this module, participants will learn how to drive the proactive evolution of risk management methodologies from compliance-based, reactive, and linear to proactive, risk-based, iterative and future proof. The module also covers Black swans – highly unpredictable events that occur beyond what is expected for the situation, with potentially severe consequences. A number of events over the last century described as black swan include World Wars 1 and 2, the September 11 incident and the 2008 financial crisis – but is this analysis correct? The most recent debate is whether the COVID-19 pandemic is a black swan event. On the one hand, the threat of a pandemic has been known to risk experts. On the other, the unpreparedness of organisations and countries has shown that it was considered an outlier event and did not need proper preparation for. Content includes what black swan events really are, why and how it affects your organisation, and several methods of reducing the effects of black swan events.

Only applicable to those seeking a full certification. There are no eligibility requirements for individual modules except for ERM Lab which is only available to the IERP®’s ERM® graduates. 

All participants who want to enrol for the ERP® certification program must have first obtained the IERP®‘s ERM® qualifications and must be members of the IERP®.

  • Internal Audit and Assurance professionals
  • C-Level executives and head of departments who are decision-makers in their organisations
  • Risk management professionals
  • Non-risk management professionals working in Corporate Planning, Strategy, Governance, Compliance, Operations, Investment, Treasury, Product Development, Regulators, Legal, Quality, Environmental Health & Safety, Project Management, Insurance, Underwriting, and other related areas.

To become fully certified, participants will be assessed based on the following criteria:

  1.      Attendance and participation in class
  2.      Multiple choice examination
  3.      Case study


Who are the instructors?

All our faculty are practitioners with relevant risk management and BCM experience, averaging over 30 years of working experience each and with most of their last positions being C-Level executives in large national and multi-national corporations. Some hold Board Directorships and chair Board Committees such as Board Risk, Board Audit, and Board Investment Committees.

How many modules are there in this programme?

6 modules over 8 days

What is the time limit for me to finish this programme if I can’t attend all the modules within one year?

Maximum 3 years

Can I attend the certification program in other country?

Yes, however, you will have to pay whatever fee applicable in that country. And you will have to pay the travel, accommodation and subsistence yourself.

What will I get after taking this certification course?
  • Enhances your professional credibility
  • Gives you confidence that you have “passed through the chairs” and proof of ability
  • Extends your knowledge and skills, preparing you for more job responsibilities
  • Enriches self-image and reputation among peers
  • Improves career opportunities-promotion, pay increases, job portability
  • Establishes you as a continuous learner who believes in continuous professional development
  • Gives you an edge over your competition in the eye of your potential employers
  • Plugs you into a new network of like-minded risk professionals “club”

In addition, you will receive instant recognition that you have achieved the minimum standard of competency as a certified and qualified enterprise risk manager. Organizations have also started approaching the Institute to source for risk managers – which is one of the services that the Institute offers to corporate members of the Institute.

Request a Brochure

    Name (required)

    Email Address (required)

    Mobile Number (required)

    Company (required)

    Designation (required)

    Preferred Contact Method: (required)

    What is the biggest challenge in your job/industry

    Which modules are you interested in? (required)
    Enterprise GovernanceCrisis Communication and ManagementInvestment Risk ManagementAdvanced Fraud Risk Management & Anti-Bribery Mgmt Systems (ABMS)Value Creation thru ESG (Environment, Social and Governance)Technology and Data RiskImplementing ISO 31000 EffectivelyEmerging Risk and Black Swans


    User registration

    Reset Password