Compliance and Compliance Risk Management

The Compliance and Compliance Risk Management course from The Protecht Group is designed to help professionals get a handle on managing regulatory requirements and compliance risks. You’ll dive into different compliance frameworks, learn how to spot and assess risks, and pick up practical strategies for tackling them. The course uses real-world scenarios and case studies to make sure you can apply what you learn directly to your organisation. If you’re looking to boost your compliance skills and integrate smart risk management practices into your work, this course is a great way to gain practical, actionable insights.

Key topics covered:

1. Why we need compliance management

   1. Why we have regulations – society's risk appetite

   2. Organisation objectives related to compliance

   3. The changing face of compliance

2. What is compliance management and compliance risk management?

   1. Defining compliance

   2. Mandatory and voluntary requirements

   3. Scoping the compliance function

   4. Defining compliance risk management

3. What are compliance obligations?

   1. Sourcing obligations

   2. Translating into plain language obligations

4. Compliance risk and compliance controls

   1. ISO 31000 and ISO 37301 definitions of risk

   2. A risk-based approach to compliance

   3. The link to operational risk

   4. Introducing risk bow ties and the components of risk

   5. Controls over compliance and compliance risks

5. Compliance management

   1. Understand compliance obligations

   2. Convert to plain language

   3. Risk rating obligations

   4. Preparing the organisation to comply

   5. Manage ongoing compliance

   6. Compliance attestations

   7. Record and analyse results

   8. Reporting and analytics

6. Compliance change management

   1. Internal and external changes

   2. Risk managing external regulatory change

   3. Risk managing internal systems, process, people, product changes

7. Compliance risk management

   1. Applying ISO 31000 risk processes to compliance

   2. Assessing risks leading to noncompliance

   3. Linking obligations to risk bow ties

8. Risk appetite for compliance

   1. What is risk appetite for compliance risk?

   2. Setting an appetite for compliance risk

   3. What does “zero-appetite / tolerance” mean?

9. Compliance risk assessment

   1. Linking compliance to risk processes

   2. Incorporating compliance into risk and control self-assessments

10. Risk metrics for compliance risks

    1. Identifying risk metrics for compliance risk

    2. Determining thresholds for compliance risk metrics

    3. The risk metrics process

11. Compliance controls management

    1. Identifying key controls for compliance risk

    2. Obtaining assurance over key controls

    3. Controls testing and developing a test plan

12. Compliance incident management

    1. Defining a compliance breach

    2. Identifying a compliance breach

    3. Developing a process for breach management

    4. Meeting external requirements

    5. Setting up and managing a breach register

13. Compliance reporting

    1. Objectives of reporting

    2. Receivers of compliance reports

    3. Types of compliance reports

    4. Defining your reports

14. Compliance roles and responsibilities

    1. Introduction to the 3 lines model

    2. Compliance across the 3 lines

    3. Features of strong compliance culture

    4. Challenges and solutions for effective compliance management