10 - 21 Mar 2025
Kuala Lumpur (Malaysia)
Hotel : Royale Chulan Kuala Lumpur
Cost : 8400 € Euro
Globally, businesses continue to face challenges and risks associated with dynamic economic and market environments. This promotes a continual assessment of the adequacy and effectiveness of internal control structures that are designed to manage the associated risks. Stakeholders in business also continue to demand more accountability in organizational governance structures whilst ensuring business sustainability. To address the complex external and internal influences, businesses need to ensure a balance between governance, risk management, and compliance.
An integrated organizational approach promotes appropriate risk identification and the collation of information for decision-making at the highest levels, with audit committees demanding insight into business risks and compliance obligations, how these are being managed, and assurance over the key business risks. Viewed at a strategic level, GRC can enable information provision that supports organizational performance and adaptability within increasingly changing markets.
Many organizations continue to face difficulty arising from fragmentation across risk, compliance, and assurance activities that are integral to the GRC environment. A common approach to risk identification and assessment that is driven from a strategic level ensures an effective approach to GRC that is aligned with the organizational strategy.
Describe GRC and the internal and external influences that create a need for it
Review the ServiceNow GRC architecture and key terminology
Navigate ServiceNow GRC applications and impersonate the various user roles
Explore how policies, authority documents, and citations fit into ServiceNow’s GRC landscape
Complete the policy management process to create, review, approve, and publish a policy
Describe how to build the entities used to assign ownership of controls and risks
Create a risk framework and risk statements related to an entity type
Evaluate risk scoring, including qualitative and quantitative
Gain an introduction to features available with GRC’s Advanced Risk application
Define controls and indicators and their role in risk and compliance monitoring
Leverage indicators and continuous monitoring to automate control monitoring
Describe methods to manage and respond to issues
Review the policy exception workflow and request and approve a policy exception
Describe audit management and its relationships to other GRC functions
Define and create an audit engagement and tasks
Explore GRC homepages and dashboards and access corresponding data
Implementers, Compliance officers, Risk managers
GRC professionals, ServiceNow System Administrators
Day 1:
GRC in ServiceNow
Introduction to GRC
ServiceNow GRC Architecture
Users, Groups, and Roles
Day 2:
Policy and Compliance Management
Authority Documents and Citations
Policies and Control Objectives
Policy Management Process
Control Lifecycle
Day 3:
Entity Scoping
Entity Definition and Set-up
Using Entities to Create Controls
Day 4:
Risk Management
Risk Architecture
Definition and the process of the Risk Management
ISO 31000 Process and Principles
IIA: Definition, Guidance, and Standards
internal Audit Risk and Engagement
Create Risks and their Relationships
Risk Scoring and Advanced Risk Functionality
Day 5:
Process Automation and Monitoring
Indicators
Issues Management
Policy Exception Management
Day 6:
Risk Response Plan Development
Risk response development inputs, tools & techniques
Risk response strategy guidelines
Response strategies for threats
Response planning & network diagramming
Response analysis
Alternative responses
Reserves - contingency & management
Response planning outputs
Day 7:
Risk Response Control
Risk management plan execution (Step 5)
Risk response control tools
Risk response control guidelines
Risk strategy execution
Evaluating risk response results (Step 6)
Risk documentation
Day 8:
Audit Management
Managing Engagements
Audit Testing
Day 9:
Corporate Governance
What is Corporate Governance?
Corporate Governance environment
The relevance of Corporate Governance
Perspectives on Corporate Governance
Shareholders vs. Stakeholders
Voluntary vs. Enforcement
1-tier vs. 2-tier boards
Chairman/CEO duality
The independent director
Corporate Governance models
Structure & practices
Emerging Trends in Corporate Governance
Principal-agent theory and applications
Independence in fact versus appearance
Day 10:
Full revision and workshop
Revision of the modules through the workshop
Certificates.