Certified Enterprise Risk Management Professional (CERMP)


Program Overview

This course has been independently assessed and endorsed by NASBA, the official board that regulates accounting and financial education in the United States of America.

In today’s ever-changing world, organizations are continuously faced with risks. These risks can have catastrophic impacts on an organization’s success, reputation, and future. Unmanaged risk is the greatest source of waste in your business and in our economy as a whole.

When these risk events happen, thousands of jobs get lost, brilliant organizations are disassembled, expertise gets lost, and assets are destroyed. Yet all of these risks can be understood, identified, anticipated, mitigated, or reversed, thereby averting hundreds of billions of dollars in unnecessary losses.

Enterprise risk management (ERM) is often an overlooked or under-implemented function, leaving organizations vulnerable and unprepared. This course will provide you with the fundamental concepts necessary to understand this function.

Participants in the International Institute for Executive Training (iIET) Certified Enterprise Risk Management Professional (CERMP) program will acquire knowledge of the evolutionary and fluid process of developing, implementing, and evaluating ERM. You will also learn how to monitor risk at an enterprise-wide level, as well as the application techniques necessary for implementing the process within your organization.

Benefits of a CPE Registered Course

  • Endorsed by NASBA, the official board that regulates accounting and financial education in the United States of America. 
  • Our courses have been independently assessed to ensure consistent, high quality.
  • This provides proof that we comply with industry best practices and have made a commitment to the delivery of high-quality continuing professional education.
  • Being a registered NASBA sponsor demonstrates that our presenters and program developers have vast technical knowledge and experience.
  • Earn 42 Continuing Professional Education (CPE) units.

Key Takeaways

  1. Define enterprise risk management.
  2. Identify the roles and responsibilities within an organization to implement enterprise risk management as an enterprise-wide function.
  3. Compare the types of enterprise risk management frameworks.
  4. Understand and conduct quantitative risk analysis.
  5. Learn how to implement an enterprise risk management program in an organization.
  6. Understand how to monitor and evaluate an enterprise risk management program for improvement.

The International Institute for Executive Training (iIET) is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its web site: www.nasbaregistry.org

*Successful completion of the course materials and exam makes you a Certified Enterprise Risk Management Professional (CERMP)™. You can use the designation of CERMP™ on your resume and business card.

Who Should Attend

Any executive or manager tasked with establishing, implementing or facilitating a business risk process or anyone tasked with providing assurance to senior management that the significant risks are being managed appropriately.


To attend the Certified International Business Leader (CIBL) program, it is suggested that delegates have:

  1. 3 or more years of work experience
  2. A formal qualification

Or at the discretion of the iIET.

Course Requirements

Delegates must meet the following criteria to be eligible for certificate of completion:

  1. Attendance – delegates must attend all sessions of the course. Delegates who miss more than two hours of the course sessions will not be eligible to sit for the Certified Enterprise Risk Management Professional (CERMP)™ Examination.
  2. Successful completion of the course work and exam – Upon completion of this training course you will receive your certificate from iIET, an internationally accredited learning center recognized by Qualifi Ltd., a UK government-recognized awarding organization.

Topics We Will Cover

Enterprise Risk Management (ERM)

  • Why implement ERM
  • The scope of ERM compared to existing risk management
  • What is the value proposition for implementing ERM?
  • The Role of Executive Management in ERM

The Types of ERM risks

  • Hazard risk – Liability torts, Property damage, Natural catastrophe
  • Financial risk – Pricing risk, Asset risk, Currency risk, Liquidity risk
  • Operational risk – Customer satisfaction, Product failure, Integrity, Reputational risk; Internal Poaching; Knowledge drain
  • Strategic risks – Competition, Social trend, Capital availability

Risk standards

  • Choosing the right one
  • Explanation of the new ISO 31000 international risk standard
  • COSO Enterprise Risk Management – Integrated Framework
  • RIMS Risk Maturity Model

The Nature of Risk: Losses and Opportunities  

  • An overview of the global business and risk environment
  • Risk culture, appetite and tolerance
  • Neuro-economics and behavioral economics explanation of risk appetite
  • Prospect Theory
  • Organizational risk management

Conducting Risk Assessments

  • What is the relationship between risk assessment and risk management?
  • Types and sources of risk information
  • Risk identification techniques
  • Risk prioritization and rating, including quantitative assessment tools and techniques
  • Presenting and sharing risk assessment information

Quantitative Risk Analysis

  • Risk Analysis Matrix
  • Delphi (expert analysis)
  • Ishikawa diagrams (fishbone analysis)
  • Root cause analysis
  • Failure mode and effect analysis (FMEA)
  • Decision Tree Analysis
  • Scenario planning
  • Monte Carlo analysis
  • Risk evaluation, problem solving and decision-making

ERM Implementation – Risk Assessment

  • Initiating a Structured, Disciplined Approach to Implementation
  • Implementation Options and Decisions
  • Building a Framework
  • Obtaining ERM Mandate and Commitment
  • Determining Risk Criteria
  • Risk Identification and Assessment
  • Methodology and Techniques Overview.

ERM Implementation – Risk Treatment

  • Identifying Risk Treatment/Responses
  • Evaluation and Selection Considerations
  • Risk Treatment/Response Options
  • When Risk Treatment Options Are Most Appropriate
  • Developing a Risk Treatment/Response Plan

Risk, governance and culture

  • Corporate governance models, risk oversight frameworks, internal control models, compliance, internal audit and assurance
  • Strategic planning and risk management, including the role of the board, audit and risk committees, and the chief risk officer
  • Risk culture, business ethics and organizational change
  • Risk management performance, including competencies, training, leadership and conflict management
  • Reputation risk management

Risk Mitigation

  • Managing risk – the options
  • Management evaluation of mitigation controls
  • How to assess risk mitigation
  • Identification of risk exposures
  • Critical evaluation of exposures
  • Dealing with the exposures (the 4 Ts – terminate, tolerate, treat or transfer)
  • Establishment of action plans.

Crises, resilience and future risks

  • The nature and consequences of crises and the drivers for crisis management including business continuity, contingency planning and crisis preparedness
  • Learning lessons from the past, including root cause analysis
  • Building resilience
  • The core attributes of emerging and future risks, tools, techniques and models for predicting future risks
  • Decision making for the future