Modern Techniques for Risk Assessment – Presented by Steven Ross

Starts:  Sep 17, 2020 9:00 AM (CT)
Ends:  Sep 18, 2020 1:00 PM (CT)

Schedule has been updated to split course into two 1/2 day sessions
We are offering ISACA Member rate to all attendees.

The antiquated formula Risk = Impact x Probability is unprovable and unworkable. In this one-day seminar participants learn why that formula is incorrect and which other techniques that are being used by advanced risk practitioners are more applicable to contemporary enterprises. These methods will make the determination of risk align with both reality and expectation. They make the concept of risk a meaningful determinant for management decision making.

Intended audience: Internal and External Auditors, Risk Managers, Security Professionals, Business Managers, Financial Executives, Legal Counsel

Learning objectives: Participants in this seminar will learn:
• Why the commonly used formula fails
• Which techniques provide greater insight of operational and financial risk
• The standards that apply risk assessment
• The tools and techniques that can be rapidly put in place in large and small businesses
• How to interpret risk assessment results
• Methods for portraying risk to aid management decision making

Seminar outline:
A. The Failure of the Traditional Formula a. Risk of what? b. Why a failed method remains so popular c. The unknown and the unknowable d. The uncertainty of loss e. Credible versus probable risk f. Risk and profit
B. Risk Assessments: Why and How? a. When to perform a risk assessment b. When not to perform a risk assessment c. Who should perform a risk assessment d. Who should receive a risk assessment e. Risk assessments over time f. Case study
C. Risk Assessment Standards a. NIST 800-30 b. NFPA 1600 c. PCAOB d. PCI DSS e. FAIR f. ISO 31010
D. Black Swans - The Risk of the Highly Improbable a. The Gaussian bell curve b. Liars and outliers c. Incorporating black swans into the risk portfolio
E. Hazard Based Risk Assessment a. NFPA 1600list of hazards (threats) b. Establishing credibility c. Specific circumstances and countermeasures d. Frequency analysis e. Impact analysis f. Hazard index g. Speed of onset h. Reporting on risk i. Case study
F. Failure Mode Effects Analysis a. Codifying Murphy’s Law b. Process vs. threats c. Severity rating d. From potential failure to positive action e. Reporting on risk f. Case study
G. Project Value Risk Assessment a. Assessing complexity b. Adding value to projects c. Managing quality d. Case study
H. Multi-Dimensional Risk Assessment a. Effects vs. threats b. Impact categories c. Scale d. Fuzzy sets e. Frequency ofoccurrence f. Risk measurement panel g. Reporting on risk
I. Conclusion

CPE’s: 8 Credits for presentation


Online Instructions:
Login: Login information will be emailed to registered attendees 2 days before the meeting.