Course Aims

Participants will understand

• The scope of non-financial internal control today and the necessity to integrate (to an appropriate degree) all forms of security, quality, investigations, business continuity planning, insurance risk assessment, review, risk analysis and asset classification.

• The necessity for integration of resources, methods and systems.

• The types of structures, processes and systems required

• The internationally accepted standards in this area, where they complement each other, the gaps and the conflicts.

Course Objectives

• To explain the necessity for integration of the controls effort

• To illustrate the causes and effects behind success and failure in the asset protection environment.

• To provide a simple methodology for planning and implementation monitoring of an operational risk mitigation programme.

• To provide guidance into successfully conducting sub-projects in such a programme

• To enable the participants to undertake a self-audit against established standards

Day 1 – Defining the appropriate environment

• Standards for use in Benchmarking

• Requirements analysis for asset protection

• Risk Analysis Methodologies

• Organisation Methods and Systems for internal controls - the various options

 

Day 2 – Implementation and Operation

• The Trident Methodology

• Ownership & Classification

• Achieving Awareness, Accountability and Responsibility

• Business Continuity Planning and Programmes

• Information protection

• Information systems risk management

• Physical and personnel security

• Investigations (Internal)

• Investigations & Sensitive Research (External) - "Business Intelligence"

• Business Continuity Planning & Crisis Management

• Process Risk – (separation of responsibilities, classification etc.)

• Reporting

Optional Day 3 - Specific Projects & Case Histories (additional day's fee)