Pre-Conference Workshop Day: Wednesday 26 April 2017

Enterprise risk management’s primary focus is on the risks within an organisation, but the risks that can really impact an organisation over the longer term are often systemic and external. Risk such as climate change or threats to cyber security can’t easily be controlled and require different risk management approaches that build resilience rather than provide short term solutions.

Risk ownership is the one constant aspect in highly dynamic risk
landscape and can provide a foundation for the development of robust risk cultures. Building risk ownership within an enterprise means understanding the relationship between what is at risk, the risk itself and the owner of the risk.

This session will walk practitioners through a processed based
framework that has been developed as part of the Bushfire and Natural Hazards CRC Program to support better risk ownership of natural hazard risks in the strategic decision making context. It will show how risk ownership can be used to link all aspects of the risk process to build more collaborative approaches and proactive responses to manage longer term risk.

What will the workshop cover?

  • Understand the different dimensions of risk ownership and how this can be used to build a robust risk culture in your organisation
  • Avoiding the ‘tick and flick’ approach and manage systemic risk in a way that links strategic risks to operational frameworks
  • Understand the role of values and how they can be used to focus and enhance risk assessments
  • Reduce liability in your organisation through better identification of risk ownership and focusing of resources

Celeste Young

Collaborative Research Fellow Centre of Strategic Economic Studies College
Victoria University

Roger Jones

Professorial Research Fellow
Victoria University

11:30 AM - 2:30 PM Workshop B: Leveraging Cyber Enterprise Risk Management to Mitigate Risk of Cyber-Attacks

Nalin Asanka Gamagedara Arachchilage , Researcher, Australian Centre for Cyber Security
Cyber security continues to be a talking point in risk management, and in an age where organisations are depending more and more on technology, it is no surprise that Government entities are being pushed to consider their approaches to mitigating the risk of cyber-attacks. An organisation can often feel it’s secure, but if not adequately managed with the right software or individuals aren’t taking responsibility, it can open up possibilities to new risks that leave the organisation vulnerable. This workshop will explore strategic plans to enact in your organisation to strengthen your resilience and capabilities in a digital age.

What will the workshop cover?
  • Understanding the context of big data – how to use, manipulate and collect it, and effective ways to develop practical frameworks to protect and minimise exposure
  • Constructing a holistic cyber governance approach and learning the benefits on adopting a portfolio view of cyber-risk controls
  • How to build and increase awareness on cyber security within your organisation to close the cyber ‘talent gap’ to increase organisational capability and competencies in protecting sensitive data
How will you benefit?
  • Improving your organisation’s digital literacy to make sense and manage risks more effectively
  • Shifting mindsets in approaching and perceiving cyber risk and security to reduce exposure of confidential data
  • Developing insights into effective technologies and systems to enhance risk management and assessments

Nalin Asanka Gamagedara Arachchilage

Australian Centre for Cyber Security

2:30 PM - 5:30 PM Workshop C: Design Thinking for Understanding Risk Appetite and Tolerance

Barnaby Pace, Risk Manager, Hamilton City Council New Zealand
Design thinking is often applied as a strategy for innovation, but is not a methodology exclusive for designers. It can be used to help people understand and create ways to solve a specific issue, and in the context of enterprise risk management, it can be integrated to understand an organisation’s risk appetite and tolerance. This mindset allows an organisation to switch to a more solution focused and action oriented attitude towards the meeting the future objectives of the organisation. This workshop will build on practical solutions and methodologies for developing a healthy risk appetite and tolerance to ultimately strengthen organisation resilience and understand resource capacity.

What will the workshop cover?
  • Identifying the crucial steps for initiating risk appetite and tolerance from reflecting on strategies for controlling decisions, making decisions and on what occasions they’re implemented
  • Developing techniques and policies for handling risk uncertainty to control and better define level of risk appetite statements
  • How to engage staff with risk knowledge to gain better understanding of how their individual risk appetites and your organisational tolerance can be aligned to strategically meet future objectives with a focused and action oriented attitude

How will you benefit?
  • Enhanced design thinking and decision making in risk management as a result of better handling of uncontrollable risks
  • Enabling staff to progress in individual risk resilience and capabilities through nurturing solution focused mindsets and attitudes
  • Influence healthy and engaging conversations that will stimulate a healthy balance of risk appetite and tolerance

Barnaby Pace

Risk Manager
Hamilton City Council New Zealand

5:30 PM - 11:59 PM Workshop D: Beyond Compliance: ERM Redesign and Innovation to Develop Risk Resilience

ERM is a constant journey and requires a robust plan that is measureable with reportable outcomes. This can involve developing and maintaining your risk talent, moving from traditional excel spreadsheets to electronic software or revamping your frameworks and strategies in your approach with risk management. Additionally, focusing on risk management as a compliance issue can often create a disengaged risk culture, affecting the risk resilience an organisation has. This workshop will focus on innovating strategies and redesigning your existing framework for better organisational resilience to meet future organisational objectives.

What will the workshop cover?
  • Reshaping the mindset towards ERM from one that is about compliance to one on guidance in order to further develop risk response and capabilities, and effectively engage executive and management staff
  • Understanding what a framework can and cannot achieve and how to determine suitable risk management software that will benefit your organisation
  • How to develop innovative staff rotation and training programs to create more risk management capacity and capability

How will you benefit?
  • Innovating strategies for risk development and retention
  • Creating an understanding of risk management as a dynamic added value tool
  • Increase capacity and capability through implementing new strategies to carry on in the future