Auditing the Enterprise Risk Management (ERM) Process

[MUSIC] Hello, I'm Kathy Chambers educator here at ACI learning alongside Linh Truong. And we are super excited to introduce a new course to you but before we get to that let's learn a little bit more about Linh. Can you tell us about your background please? Sure Cathy thank you, so my name is Linh Trough and I've been in the internal art space for almost 30 years. I know that stating myself but I started out with KPMG back then, it was the big eight. Now it's the big four and from there have been working in various internal audit functions from financial services industry to on gas industry, biomedical. And more specifically I have served in former chief audit executive roles at the last three companies I worked for and I've actually was hired at each of those companies to build the internal audit function from scratch. So with each one of those experiences I was also asked to spearhead their respective enterprise risk management programs. So really excited to talk about all the ways that auditors can assess the DRM program for their companies. So then the course we're doing together is ACIs auditing What can viewers look forward to? Right, so this course will start out with some basics. It's going to be an overview of the enterprise risk management process, all the underlying elements that make up the Initiative. That will include a discussion on risk appetite, governance roles and responsibilities as well. The course will provide more details into the attributes that make an enterprise risk management program effective including being able to address black swans. And using risk driven metrics to measure the progress and and status of a risk management program. But the majority of the course will be comprised of assessing the Initiative in your organization against the new coastal principles that came out in 2017. Cast Cathy the coastal issued a guidance for Framework that is comprised of five elements and 20 principles. So what we're going through each one of those 20 principles and learn about the best practices of and Program. And looking at audit considerations on how to determine whether your organization is complying with those principles. Linh what do you hope our viewers take away from this course? Well I hope that they come to understand how to apply those principles and and they'll be able to do so. Because we'll be going through this course, not just by going through bullets concepts, but also going through an exercise. Some fun exercises we have in store for them. And as well, we'll be talking about real world examples of actual experience that I've had in implementing And knowing how to assess certain aspects that make an Program effective. Linh, I know that I'm excited to go through this course with you. Why are you excited to go through the course with me? Because because this Concept has been around for several decades. I still think that companies are struggling with getting it right clearly. The recent black swan events or near black swan events, the pandemic etc has has shown that not all organizations are optimizing their ability to properly manage their risks. And so this is an opportunity for auditors and other leaders within the organization who are involved with the risk management role. And responsibilities within their organization to bring back best practices and bring back procedures to determine whether they're Program is effective. And where they need to make the tweaks to make it more effective if it's not there already. All right, thank you Linh, I'm looking forward to going through these episodes with you and to our viewers, we hope you enjoy watching ACIs. Auditing, Yeah. [MUSIC]