The Institute of Enterprise Risk Practitioners (IERP®) is the world’s first and leading certification institute for Enterprise Risk Management (ERM).

Image Alt

Operational Risk Manager (ORM™)

  /    /  Operational Risk Manager (ORM™)
An operational risk manager is writing something on the board with a red pen.

Operational Risk Manager (ORM™) Certification Program

The IERP® offers the most ideal program for operational risk managers out there if you wish to broaden your knowledge in operational risk management. Gain in-depth knowledge on how you can effectively implement operational risk management, including Technology and Data Risk Management and Cybersecurity Risk management, to make the best decision-making strategies for your organisation.

The advantages for organisations that manage to do this are significant and, conversely, operational risk can be a costly risk for companies that do not manage it well. Already, efforts to address the new challenges are bringing measurable bottom-line impact. Progress will require time, investment, and management attention, but the transformation of operational-risk management offers organisations compelling opportunities to reduce operational risk while enhancing business value, security, and resilience.

By helping the business meet its objectives while reducing risks of large-scale exposure, operational risk management will become a creator of tangible value. Grab this chance to master the Operational Risk Manager (ORM) certification program only at the IERP®.

Looking for other certification besides Operational Risk Manager (ORM™)? Browse through our risk management training and certification programs as we offer various training and certification programs including Enterprise Risk Manager (ERM®) certification, Business Continuity Manager (BCM®) certification and more!

Summary Info

  • Delivery method : In-person, virtual training
  • Duration : 4 modules over 4 Days
  • CPE hours : 32 hours

Certification Modules

Advanced Principles of Operational Risk Management (20 November 2023)

Organisations globally are evolving a more common view of the purpose, function, and value contribution of operational risk management (ORM). ORM programs have continued to mature with a focus on the identification, measurement, and communication of operational risk exposures. The most commonly cited key obstacle to the successful implementation of ORM is a lack of overall awareness and knowledge of Operational Risk Issues among senior staffers. In order for the full value of these ORM programs to be realized, Management and Risk Management professionals must guide the firm in linking ORM performance to the performance of the firm. To achieve this, the relevant senior team members must possess a sound grasp of the various quantitative and qualitative ORM tools (absolute vs relative measures, establishing practical Key Risk Indicators (KRIs), Advanced Risk Appetites, Stress testing and scenario analysis, etc.) in order to guide the Board and Organisation on its journey towards operational excellence.

Cyber Security Risk Management (21 November 2023)

Cybersecurity threats exploit the increased complexity and connectivity of systems, placing the organisation’s sustainability, performance and viability at risk. This module has been designed to enable Risk and Management professionals to better assess the cyber-resilience and exposures of their organisations and to design and implement effective cybersecurity mitigation and governance plans for their organisation. Participants will also be grounded in selecting, designing and implementing a practical Cyber Risk Maturity framework for their organisation and exposed to various cyber threat scenarios as well as the importance of ensuring the various perimeters within and without the organisation are secure. With so much at stake for a business – financial loss, operational disruption, competitive disadvantage, legal liability, and harm to corporate reputation – the question for corporate directors and officers is not whether to become involved in cyber risk management, but how to appropriately implement and oversee their company’s initiatives.

Technology and Data Risk (22 November 2023)

To keep up with the lightning speed of development in business digitisation, a proactive approach to risk management is not a luxury but a necessity to cater for, and catch-up with, the market. Issues that risk professionals have always been concerned about such as security, privacy and compliance are hyper-magnified in today’s dynamic digital operating environment. As such, risk management strategies must be equally responsive and agile in order to continue the bottom-line defence and top line offence – because digitisation & expansion should not come at the price of higher exposure to risk than the company is prepared for or willing to embrace.

This module on Digital Risk Management & Disruption is especially designed to help participants drive the proactive evolution of risk management methodologies from compliance-based, reactive, and linear to proactive, risk-based, iterative and future proof.

Participants can expect to be skilled and equipped to pivot risk management tools that drive greater efficiency and profitability in tandem with digitisation efforts. Learn how to effectively adapt existing risk and control frameworks to new technologies and innovation. Gain insights on the role of organisational risk culture in risk management and benefit from practical guidance on how to drive the evolution of risk culture in the company to support the digitisation journey. Participants can also expect to walk away and be able to approach risk as an overarching business strategic concern and become a value-adding partner to digital projects lifecycle – from planning/design through deployment and monitoring.

Participants will be equipped with knowledge on digital ERM fundamentals, concepts and standards as well as exposed to the end- to-end process of integrating/applying ERM in the organisation’s digitisation blueprint. The content extends to identifying challenges or shortfalls of traditional risk management especially in addressing digitisation risks, the case for digitising ERM in overcoming these challenges to practical guidance on gaining management buy-in, designing the company’s bespoke digital ERM framework and its application, as well as driving the organisation culture change needed to provide a firm foundation for the digitised ERM to work.

Enterprise Risk Management (23 November 2023)

Anyone involved in ERM or embarking on a career in ERM must have a sound practical grounding in the theories and practices of ERM – and its linkages to other relevant and associated disciplines and standards (e.g. BCM). When implemented and utilised properly, ERM can become a driver for Commercial Sustainability as well as Organisational Agility and Resilience. This program coaches participants in how to achieve all of this. The module explains and re-emphasises the fundamentals of ERM, and shows how it can be utilised to drive strategy, performance, and the linkages to corporate governance and internal controls. Participants will also be taught how to apply strategic risk management concepts to enhance decision making processes and to add value to the business.

Has obtained the ORLqualification
A degree holder (or its equivalent, and above) with a minimum of 3 years proven operational risk management experience or with ORL qualification
A non-degree holder with a minimum of 10 years proven operational risk management experience or with ORL qualification

The IERP® utilises adult-learning methodologies that incorporate a highly practical approach to ensure participants are fully engaged in the learning process. About 20-30% of the program will be covered in lectures, and 70-80% utilising interactive learning methodologies.

This program is suitable for anyone working in or related to  Operational Risk Management, Risk Management, Internal Audit, Governance, Compliance, Operations, Quality, Environmental Health & Safety, Project Management, etc.

To become fully certified, participants will be assessed based on the following criteria:

  1.      Attendance and participation in class
  2.      Multiple choice examination


Who are the instructors?

All our faculty are practitioners with relevant risk management and BCM experience, averaging over 30 years of working experience each and with most of their last positions being C-Level executives in large national and multi-national corporations. Some hold Board Directorships and chair Board Committees such as Board Risk, Board Audit, and Board Investment Committees.

How many modules are there in this programme?

4 modules over 4 days

What is the time limit for me to finish this programme if I can’t attend all the modules within one year?

Maximum 3 years

Can I attend the certification program in other country?

Yes, however, you will have to pay whatever fee applicable in that country. And you will have to pay the travel, accommodation and subsistence yourself.

What will I get after taking this certification course?
  • Enhances your professional credibility
  • Gives you confidence that you have “passed through the chairs” and proof of ability
  • Extends your knowledge and skills, preparing you for more job responsibilities
  • Enriches self-image and reputation among peers
  • Improves career opportunities-promotion, pay increases, job portability
  • Establishes you as a continuous learner who believes in continuous professional development
  • Gives you an edge over your competition in the eye of your potential employers
  • Plugs you into a new network of like-minded risk professionals “club”

In addition, you will receive instant recognition that you have achieved the minimum standard of competency as a certified and qualified enterprise risk manager. Organizations have also started approaching the Institute to source for risk managers – which is one of the services that the Institute offers to corporate members of the Institute.

Request a Brochure

    Name (required)

    Email Address (required)

    Mobile Number (required)

    Company (required)

    Designation (required)

    Preferred Contact Method: (required)

    What is the biggest challenge in your job/industry


    User registration

    Reset Password