Risk Management by Design Workshop

Events / Risk Management By Design Workshop – New York 

Risk Management By Design Workshop - New York

Overview of the In-Person Event:

Risk is pervasive throughout business strategies, operations, and processes. Siloed approaches to risk management leave the organization not seeing the big picture of risk. The reaction is often to centralize risk management which forces different areas of the organization into a one-size-fits-all risk management model that fails to adequately manage and monitor risk. Defining strategy, managing operations, and addressing organizational change requires the ability to provide meaningful risk information for decision-making for boards, executives, GRC professionals, as well as the line of business.




Thursday, 10th March, 2022

Convene, 2nd Floor, 101 Greenwich Street, New York, NY 10006, US



6.5 hours

09:30 am – 16:00 pm EST

Thursday, 10th March, 2022

Convene, 2nd Floor, 101 Greenwich Street, New York, NY 10006, US

6.5 hours

09:30 am – 04:00 pm EST

Register Now!
Thank you for filling out the form.
A confirmation will be sent to your email shortly.

Benefits to attendees:
  • Understand a top-down as well as a bottom-up approach to risk management
  • Implement risk management in the context of business strategy, process, and operations
  • Explore different risk management architecture models and how they apply to your organization
  • Discover various risk management techniques and how they apply to your business
  • Develop a risk information architecture that aligns with business operations and processes
  • Effectively communicate risk across your organizations

As business becomes increasingly complex in a changing business and risk environment – that struggles with growing regulations, globalization, and distributed operations – organizations need a blueprint for effective, efficient, and agile risk management. This requires organizations to design risk management into the organization as an integrated part of strategy and operations supported by an integrated risk information architecture that allows organizations to have a 360° situational awareness of risk in the context of business strategy and operations.

This workshop aims to provide a blueprint for attendees on effective risk management strategies in a dynamic business and risk environment. Attendees will learn risk management strategies and techniques that can be applied to enterprise and operational risk management strategies as well as departmental-focused risk initiatives. Learning is done through lectures, collaboration with peers, and workshop tasks.

Attendees will take back to their organization approaches to address:

  • Risk Management Strategy. Understand risk in the context of business performance, strategy, objectives as well as its culture and values.
  • Risk Management Processes. Flowing from the strategy are the risk management processes integrated into the organization and how it operates. Good risk management is done in the rhythm of the business.
  • Risk Management Information Architecture. Defining an information architecture that enables risk strategy and processes by providing 360° situational awareness of risk in the context of business strategy and operations
  • Risk Management Technology Architecture. The necessary technology components needed to bring together diverse and distributed risk management roles and integrate risk management into the culture and operations of the organization.
The Speaker:
Michael Rasmussen Portrait
Michael Rasmussen

The GRC Pundit @ GRC 20/20 Research

The GRC Pundit @ GRC 20/20 Research, Michael Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC) – with specific expertise on the topics of GRC strategy, process, information, and technology architectures and solutions. With 23+ years of experience, Michael helps organizations improve GRC processes, design and implement GRC architectures and select solutions that are effective, efficient, and agile. He is a sought-after keynote speaker, author, and advisor and is noted as the “Father of GRC” — being the first to define and model the GRC market in February 2002 while at Forrester Research, Inc.

The Agenda:

Part 1: What is Risk?

Understanding Risk in the Context of the Organization

  • Different views of risk throughout the organization
  • Who owns risk?
  • Understanding risk and its role in business strategy, objectives, performances, and operations


Part 2: Federated Risk Management

Blueprint for Risk Management Collaboration and Strategy

  • Developing a risk committee (or herding cats), bringing together the range of risk roles in the organization
  • Defining a risk management charter
  • Developing a collaborative and enterprise view of risk


Part 3: Risk Management Process Lifecycle

Integrated Processes to Identify, Analyze, Manage, and Communicate Risk

  • Risk identification – Collaborative process to identify risk from both the bottom and the top
  • Risk analysis – Understanding and contrasting risk assessment & analysis techniques
  • Risk management – Strategies to mitigate and reduce risk
  • Risk communication – Assign and manage risk ownership and accountability


Part 4: Risk Management Information & Technology Architecture

Providing an Integrated View of Risk to the Enterprise Without Losing Value to the Department

    • Developing a risk taxonomy and attributes of risk and risk ranking
    • Addressing risk normalization and aggregation for enterprise risk reporting
    • Monitoring risk in a changing environment
    • Technology capabilities and considerations to support risk management