The ISO 31000:2009 definition of Risk Appetite shows that it is concerned with the kinds of risk an organisation prefers to take as well as the level to which it wants to expose itself. For many organisations, some of the largest risks they face relate directly to their major sources of income and taking these risks underpins their business model. Risk Tolerance then relates to an organisation’s willingness to tolerate or retain risk after risk treatment has taken place.
Efforts to quantify Risk Appetite and Tolerance can sometimes produce an illusion of precision and often leads to great misconceptions. This training will provide an overview of Risk Appetite and Tolerance and instil practical, hands on understanding of their application within an organisation. The training will provide learners with a practical opportunity to develop RAT levels based on a generic model to enhance their understanding.
Risk Appetite and Tolerance
Part 1: An Introduction to RAT
• Overview and defining RAT
• Common misconceptions
• Why RAT?
Part 2: RAT Policy / Framework
• Content and purpose
• Developing a RAT Policy / Framework
• Setting RAT levels
• RAT Reporting
Part 3: RAT in practice
• RAT in decision making
• Variances to risk parameters
• Continual review and monitoring
o Risk register review
o Managing change (internally and externally)
• Awareness and training
Part 4: Practical exercise
• Developing RAT levels as per a generic risk matrix
• Risk measurement against RAT levels
• RAT Reporting – plotting risk profiles
Who should attend?
Chief Risk Officers, Risk Managers, Risk Champions, Business Executives and managers who want to improve their risk management capability.
About the Presenter
Zanorashe Bwakura (B Comm. Accounting and Information Systems) is a risk specialist with over 10 years’ experience in Risk Management, Business Continuity Management, Finance, Internal Audit and External Audit across multiple Business sectors.
He received his initial training with a firm of Chartered Accountants where he did his articles and undertook audit assignments at the level of lead auditor for clients that ranged from mining, manufacturing, retail, non-governmental and financial services organisations.
As a risk practitioner he was the Head of Internal Audit & Compliance, Risk Manager, and then General Manager Risk for two commercial banking operations. He currently undertakes consultancy work in the following areas:
- Risk Management
- Business Continuity and Crisis and Emergency Management