Agendapunten

UR 09-284 Bijlage 4. Concept Appendix 2.1.1-1 Master Risicomanagent

CONCEPT UR 09-284

Appendix 2.1.1-1

MASTER RISK MANAGEMENT

BENCHMARK - ACADEMIA AND PROFESSIONAL PRACTICE

Version 7, 23 June 2009


SUMMARY

This report provides the results of a benchmark study for the Master of Risk Management programme of the University of Twente conducted in 2007 and finalized in 2009.


After an introduction to the domain of risk management and of public safety, academic and professional sources relevant to risk management are described and analyzed. These sources include 12 risk management-related non-UT higher education programmes in The Netherlands and 12 programmes from abroad, mainly from English-speaking countries. Mapping of this total of 26 programmes into a domain scheme resulted in a confirmation of the intended position of the Twente MRM programme between Public Safety and general risk management.


As a result, five programmes were identified to be ‘nearby’ the intended Twente MRM programme:

1.The Master of Risk Management programme of the Haagse Hogeschool (HH), The Netherlands. This is not an academic but a post-higher professional education programme.

2.The risk management programme of Katholieke Universiteit Leuven (KUL) in Belgium. This is an academic postgraduate one-year part time non-degree programme.

3.The Master of Risk Management programme of Monash University, Australia (Monash). This is an academic graduate degree programme, 3 years in parttime.

4.The Master of Science in Risk Management programme of Glasgow Caledonian University, GCU, Scotland. This is a fulltime academic degree programme.

5.The Master of Science in Risk Management programme of the University of East London, UEL. This is a 1 year fulltime / two years parttime postgraduate degree programme.


An analysis of the characteristics of these five educational programmes provided the main academic input for the domain-specific requirements for MRM.


Next, sources of professional requirements were identified and analyzed as well. These sources were selected from The Netherlands and internationally from organizations including the RMIA (Risk Management Institution of Australia), RIMS (Risk and Insurance Management Society, USA), PRIMA (Public Risk Management Association, USA), and FERMA (Federation of European Risk Management Associations). Here, too, analysis of requirements led to providing the (professional) input for the domain-specific requirements for MRM.

The benchmarking study pointed out the following key final qualifications, i.e. requirements for graduates:

Knowledge and understanding of risk management concepts;

Application of risk management knowledge;

Implementation and execution of risk management;

Identification, analysis and evaluation of risk management tools and methods.

The key requirements for an academic risk management programme are:

i.Knowledge of risk management principles

ii.Approaches to and instruments for managing risk (e.g. the risk management cycle, the risk management process, categorization of risks, control and financing instruments) ,

iii.Organization and implementation of risk management in the focus sector(s)

iv.A choice of specialist and/or generalist areas depending on its aim.

v.A choice to focus on a specific geographical scope

vi.A choice to focus on specific sector(s) of society

vii.Ethical aspects of risk management in the focus sector(s)

viii.Communication aspects of risk management in the focus sector(s)

ix.Relevant legislation and standards

x.Professional criteria from relevant professional bodies

xi.Relevant research outcomes and research methodology


The aim of the Twente Master of Risk Management is to be an academic programme. As a consequence: The (sub-)domain of the Master of Risk Management includes both academic and professional knowledge of risk management, general academic skills and the ability to perform scientific research in the domain of risk management.


This report concludes by providing details of the academic and professional sources.


1. INTRODUCTION TO THE BENCHMARK


1.1. Introduction

The (international) domain of risk management is complex and - because of the relatively youthfulness of the (academic) domain - still rather diffuse. Although over centuries the profession of risk management has been developed, by practitioners and by scientists like Hugo de Groot, Christiaan Huygens, Daniel Bernouilli and Blaise Pascal, the domain as a well-defined discipline was first coined in the ‘50’s of the previous century. In the ‘70’s and the ‘80’s of that century, a true ‘eruption’ took place in terms of the advent of books, journals and professional organisations for risk management. Also, a considerable body of research on risk management has developed. Still, this has not resulted in a generally accepted description of the domain. Therefore, this benchmark study seeks to propose a domain description that is suitable for the Twente Master of Risk Management programme.



It could be envisioned that the domain extends in a number of directions: first, that is the dimension ranging from intra and inter organisational risk management to public safety. Next, there is the dimension ranging from operational-specialistic to strategic-generalistic. And finally, there is the dimension ranging from public to private organisations.


This benchmark presents and analyses the domain of risk management. It builds on the initial proposal for this direction of study as developed by prof. dr. Peter B. Boorsma. In 1999 he submitted a proposal for an interfaculty major to the Board of Directors of the University of Twente, following a request to create a doctoral programme for the many practice experts who seek further development. In the same period the Board decided to offer a master specialisation Financial Engineering, as a result of which the risk managament proposal was shelved. In 2006 he obtained support from the Faculty of Management and Governance for a newly developed proposal, with the accompanying request to develop it further. This benchmark is based on web research by Drs. Caroline Liedenbaum and Dr. Hans van den Berg, DipM in October of 2007 and expanded upon by prof. Boorsma and dr. Van den Berg from February through June 2009. It builds on an earlier web search of June 2007. The source categories for the benchmark are shown in the table below:



Sources

Geography

Netherlands

Anglo-Saxon countries

Other

Academic

X

X

X

Professional

X

X

X

Other

X

X




1.2. Goals of this benchmarking study

This benchmarking study has two goals: (1) supporting the establishment of the new postgraduate risk management programme, and (2) the development of a domain-specific framework of reference for this programme, to support its development and accreditation.



1.3. Complexiteit

The development and transfer of understanding of the domain of risk management is complicated by little exact use of terms and definitions and a certain lack of broadly accepted definitions. The new ISO standard 31000 and ISO Guide 73 (terminology), expected in 2009 can improve this situation in the near future . Also, risk management has developed from different (functional areas in) organizations. For instance, the insurance industry’s view on risk management can be quite different from that of the human resources, where a focus on worker health and safety may be prominent.


For now, other sources and standards, like the one from IRM (2002) are a source of information. The table below contains a selection of relevant definitions. (Please note that definitions below can have many more alternatives.)


Item

Definition

Risk

Risk can be defined as the combination of the probability of an event and its

Consequences.

Risk Management

Risk Management is increasingly recognized as being concerned with both positive and negative aspects of risk. Risk management is a central part of any organisation’s strategic management. It is the process whereby organizations methodically address the risks attaching to their activities with the goal of achieving sustained benefit within each activity and across the portfolio of all activities.

Risk Management Process

Risk Assessment

Risk Assessment is defined as the overall process of risk analysis and risk evaluation.

Risk Analysis

Consists of Risk Identification and Risk Description, Risk Estimation, Risk Analysis methods and techniques and Risk Profile

Risk Evaluation

Risk evaluation therefore, is used to make decisions about the significance of risks to the organisation and whether each specific risk should be accepted or treated.

Risk Treatment

Risk treatment is the process of selecting and implementing measures to modify the risk. Risk treatment includes as its major element, risk control/mitigation, but extends further to, for example, risk avoidance, risk transfer, risk financing, etc.



1.4. Public safety and risk management

One of the issues confronting the developing team of the new Twente MRM programme is the question whether public safety should be included in MRM. The benchmarking study revealed that public safety as yet is not a common, well-defined discipline. The figure below provides an overview of the definition of public safety used in this benchmarking report.




1.5 Setup of this document

Section 2 provides the key findings of the benchmarking study regarding academic sources. Section 3 gives the conclusions of the academic benchmarking.


Appendices 1 and 2 provide detailed benchmark programme information. Appendix 1 contains information on ‘nearby programmes’ whereas appendix 2 provides information on other, i.e. ‘non-nearby’ programmes.


Appendices 3 (The Netherlands) and 4 (international) provide detailed information on professional requirements sources.



2. ACADEMIC SOURCES

In paragraphs 1.1 en 1.2 of this report it was indicated that three types of sources were used. This section deals with the findings from academic sources. Paragraph 2.1 will cover Dutch sources, paragraph 2.2 will deal with international sources and paragraph 2.3 will provide a consolidation, analysis and recommendations.


2.1. Academia - The Netherlands

2.1.1. Academia The Netherlands - risk management

Introduction

In The Netherlands over ten risk management programmes are available. A limited amount of these are at the higher professional or post-higher professional level, whereas the majority is at academic level. The table, below, provides an overview.


Code

Institution

Programme

NL-1

Delft Toptech

Master of Security Science & Management (MSSM)

NL-2

Delft Toptech

Master of Public Safety

NL-3

TUD

Master of Safety, Health & Environment

NL-4

Nijenrode Univ.

Integraal Security Management

NL-5

UvA

Enterprise Risk Management

NL-6

TIASNimbas

Master of Information Security Management (MISM)

NL-7

TIASNimbas

Master of Security in Information Technology (MSIT)

NL-8

Erasmus Univ.

Postgraduate program Information Security and Compliance

NL-9

Haagse Hogeschool

Post-HBO programma’s BRM en RRM

NL-10

Hogeschool Arnhem en Nijmegen (HAN)

Post-HBO-programma Auditing en Risk Management

NL-11

Hogeschool Arnhem en Nijmegen (HAN)

MRIS

NL-12

NIBE/SVV

HBO-opleiding Risk Management


Though not included in the above table, two (regular) programmes of Twente University, Master Business Administration, specialisation Financial Engineering and the Master of Public Administration, specialization Public Safety, were considered in the benchmark as well.


In addition to degree-awarding programmes, many shorter programmes are offered by various providers, such as NIBE-SVV.


The profiles of the twelve programmes from the above table are provided in appendix 1 to this benchmarking report.


2.1.2. Academia The Netherlands / Belgium – Public Safety

Introduction

In The Netherlands and Belgium no academic master programmes for public safety were found. Twente University does offer a specialization within Public Administration, called Safety Studies.


A number of higher professional education institutions do also provide programmes for public or integral safety. Belgium to date has one programme, offered by the Catholic High School of South-West Flanders. It seems like public safety in some cases is a specialization, e.g. of a master programme on Criminology.


2.2. Academia internationally

Of twelve programmes from abroad information was gathered and assessed. See the table below and appendix 2.


Institutions

Country

1. Monash University

Australia

2. University of East London

UK

3. Caledonian Business School

UK

4. University Kent

UK

5. University of New South Wales

Australia

6. Swinburne University of Technology

Australia

7. Simon Fraser University, Segal Graduate Business School

Canada

8. Neisse University

Poland, Czech Republic, Germany

9. Lund University

Sweden

10. Katholic University of Leuven

Belgium

11. Lewis University

USA

12. University of Aberdeen

UK


2.3. Academic sources - consolidation, analysis and recommendations

The benchmarking study shows a large variety in observed national and international risk management-related educational programmes:

Regular versus postgraduate

Fulltime versus parttime

Academic versus higher professional

60 European Credit master versus ‘executive’ and other shorter programmes (plus a number of bachelor programmes)

Specialized versus broader programmes.


Based on the detailed information provided in Appendices 1 and 2 of this benchmarking document, a mapping was made of the individual programmes on to the domain.

Building on earlier designs of the domain description the final design consists of a two-dimensional ‘landscape’ with, on the horizontal axis, the dimension of public-to-private and on the vertical axis a scale from ‘concrete’-to-abstract’. See figures 1a and 1b. The first figure contains programme and/or institution names. The coding in the second figure refers to the one in the tables presented previously. In these figures, the term ‘broad’ should be read as: generic and covering both the public and private sectors.





















Figure 1a. Mapping of educational benchmarking programmes on to the risk management domain (including programme/institution names)






Figure 1b. Mapping of educational benchmarking programmes on to the risk management domain (coded)


Subsequent analysis resulted in the following:

1.Between ‘public safety’ and ‘specialized risk management’ an opportunity area exists. We propose to call this area ‘comprehensive risk management’ (in Dutch: “integraal risicomanagement”). This is a combination of ‘public safety’ and ‘broad risk management’;



2.We consider it feasible to realize the concept of ‘comprehensive risk management’ 1 in the new master programme. According to the Dutch Network for Risk (NNR) and other sources realization of this concept is truly desired. Based on a ‘double toothbrush’ metaphor, we have schematically indicated how the concept could be shaped. The ‘brushes’ of the toothbrush signify the sub-domains of the programme. On the one hand, these are the disciplinary sub-domains that are required for a graduate to collaborate with specialists. On the other hand, the sub-domain of public safety is required for a graduate to adequately deal with the broader societal dimension of safety.



3.For the COSO II standard, promoted especially by accountants, nowadays the term Enterprise Risk Management (ERM) is frequently used. The proposed programme of Comprehensive Risk Management differs from ERM in a number of respects. First, the naming of the programme: because the focus of the programme is on the organisation and the way of thinking about risk management, irrespective of whether a public or private organization, a ’or profit’ or a ‘not for profit’ organization, is concerned. Thus the coining of the term ‘Enterprise’ would be confusing. Second, ERM focuses on strategic and business risks, whereas the proposed programme deals with the methods of risk management and on all risks, with a focus on so-called pure risks, i.e. risks that potentially create (only) damage.


Based on this mapping, five ‘nearby programmes’ were selected. Nearby programmes are nearest in similarity to the intended comprehensive programme.


These nearby programmes are:

1.The Master of Risk Management programme of the Haagse Hogeschool, HH, The Netherlands. This, however, is a post-higher professional education programme.

2.The risk management programme of Katholieke Universiteit Leuven (KUL) in Belgium. This is an academic postgraduate one-year part time non-degree programme.

3.The Master of Risk Management programme of Monash University, Australia (Monash). This is an academic graduate degree programme, 3 years part time.

4.The Master of Science in Risk Management programme of Glasgow Caledonian University, GCU, Scotland. This is a fulltime academic degree programme.

5.The Master of Science in Risk Management programme of the University of East London, UEL. This is a 1 year full time / two years part time postgraduate degree programme.


The benchmarking has focused on these five nearby programmes. The remaining 20 risk management programmes, considered to be ‘non-nearby programmes’, were the basis for some additional analysis for the benchmarking.


Appendices 1 and 2 show that full details of the programmes used in the benchmarking were not always available from public sources.


2.4. Characteristics of ‘nearby programmes’

2.4.1. Common characteristics of ‘nearby programmes’

Common characteristics of the nearby programmes were established in four areas:

i. A risk management core

ii. Final qualifications and other related elements

iii. Target group for admission

iv. Target profession or roles after graduation.


Ad i. A risk management core

The nearby programmes share a common risk management core consisting of:

Knowledge of risk management principles

Identification of risks

Loss control measures

Risk financing

Organisation of risk management


Ad ii. Final qualifications and other related elements

The nearby programmes share a common set of risk management final qualifications:

Knowledge and understanding of risk management concepts;

Application of risk management knowledge;

Implementation and execution of risk management;

Identification, analysis and evaluation of risk management tools and methods.


Ad iii. Target group for admission

The target group for admission is quite broad. It includes:

Equivalent of a UK business or non-business undergraduate degree or equivalent professional qualification (GCU)

Motivated professionals (HH-MRM)

Anyone who seeks to do risk management professionally (…) a university diploma or a diploma higher education long type (KUL)

Academic diploma or higher professional education diploma, combined with 5 years of work experience, 2 years of which relevant to risk management (NL-6, TiasNimbas MISM).


Ad iv. Target professions or roles after graduation

For the ‘nearby programmes’, the target role of risk manager (HH, Monash, UEL) in business and government (Monash, UEL) is common for graduates. Other roles are indicated as well, i.e.:

Strategist (UEL, KUL)

Specialist (UEL, KUL)

Consultant (UEL)

‘Risk management roles’ (GCU)

General or deputy manager, controller, director of finance (KUL).


2.4.2. Variations in the characteristics of ‘nearby programmes’

Variations in the characteristics of nearby programmes include (bold typeface texts indicate choices made by the Twente MRM programme):

Risk management plan making (KUL);

Exchange experiences (KUL);

Risk (management) communication (HH);

Risk management information (UEL);

Create competitive advantage (KUL);

Crisis management (HH) / Disaster response (UEL);

Synthesis (KUL) / integrated case study (GCU);

Research methodology (GCU);

Increasing risk complexity (Monash);

Formal professional education requirements (Monash);

Specific risk management areas (Monash);

Strong focus on generic academic skills (Monash);

Business continuity (UEL);

Risk management tools (UEL);

Risk perception (UEL).


2.4.3. Additions based on ‘non-nearby programmes’

Additions from non-nearby programmes to the benchmarking are (again, bold typeface texts indicate choices made by the Twente MRM programme):

Legal / regulation (NIBE/SVV);

Integration of technology and governance (NL-2);

Integrated management system (NL-3);

How to place safety on the agenda in the boardroom (NL-3);

Visionary skills (NL-3);

Novel interdisciplinary vision on safety (NL-4); multidisciplinary approach (NL-5);

Constructive collaboration with specialists (NL-6);

Act as an intermediary between board of directors and departments (NL-6)

Public and/or private (NL-4);

Policy development (NL-6).


Confirmations of the nearby analysis are:

Integration module (NL-1) / integration project (NL-3).


2.5. Conclusions of the Academic Benchmarking

2.5.1. General


The key conclusions of the benchmarking study are as follows:


The originally planned position in the risk management domain and the profile of the intended Twente MRM programme have been confirmed by the benchmarking. This will be illustrated as follows:

MRM, focusing on comprehensive risk management at the organizational level of public and private organizations fills a niche between programmes focusing either on societal risk management or on specialized sub-domains. This is show in the left-handside of figure 2, below, which is an abstraction of the detailed scheme presented in figure 1. The right-hand side of figure 2 shows the profile of MRM, with attention being paid to both societal risk management and several specialized sub domains of risk management, e.g. financial risk, project risk and technological risk. The choice for a programme with this position and profile is supported by the professional requirements benchmarking , including the National Network for Risk management (NNR) and by the market study which were carried out for MRM.

The COSO II standard, which is promoted especially by the accountancy profession, currently is frequently referred to as Enterprise Risk Management, ERM. The Twente MRM programme profile differs from ERM in two respects: first, with the profile of ‘comprehensive risk management’, MRM focuses on the way of thinking regarding risk management and on the organization, irrespective of the organization being (semi) public or private, i.e. a ‘for profit’ or a ‘not for profit’ organization; because of this profile, the wording ‘Enterprise’ in ERM is confusion. Secondly, ERM suggests that the emphasis is on strategic risks. MRM, however, focuses on the way of thinking and on all categories of risk, while the so-called ‘pure risks’ - risks which can only cause damage - are being accentuated.


2.5.2. Requirements for graduates and for a programme

The key final qualifications, i.e. requirements for graduates are:

Knowledge and understanding of risk management concepts;

Application of risk management knowledge;

Implementation and execution of risk management;

Identification, analysis and evaluation of risk management tools and methods.


The key requirements for a programme are:

Knowledge of risk management principles

Identification of risks

Loss control measures

Risk financing

Organization of risk management


In addition, the Twente MRM programme has chosen a set of additional characteristics which are derived from the benchmarking. These have already been shown in bold typeface in sections 2.2.2 and 2.2.3 of this document.


3. PROFESSIONAL SOURCES

3.1. Professional sources – The Netherlands

Two Dutch professional sources were found in the web search: Marsh Risk Consultancy and ‘www.werken.nl’. These are described in appendix 3 along with a set of potential risk management requirements sources that proved not te provide additional information.


In addition, informal exchange of information took place with NAR and previously mentioned NNR. The original programme proposal was discussed a number of times with NNR and also with PRIMO Nederland. (Following the example of the Public Risk Managers Association, PRIMA, in the USA PRIMO was founded in Europe and The Netherlands is one of the chapter organizations. In The Netherlands PRIMO was established by secretaries of municipalities, but membership is also open to other representatives from the public sector.)


3.2. Professional sources – International

Three international sources, described in appendix 4, were used:


Nr.

Organisation

Geographic scope

1

Risk Management Institution of Australia (RMIA)

APAC

2

Risk and Insurance Management Society (RIMS) (New York)

Global

3

Public Risk Management Association (PRIMA) (USA)



Most notably, PRIMA, provides a comprehensive overview of competenties required by a public risk manager. These competencies, 44 in total, are clustered in six areas (1. History, 2. Core knowledge, 3. Public Administration, 4. General Management, 5. IT, 6. Future). All six competency areas are deemed to be of importance to the Twente risk management programme.



3.3. Professional sources – conclusions and recommendations

The professional sources part of this benchmarking study demonstrated support for the concept of ‘comprehensive risk management’, mainly with respect to the concept of ‘broad risk management’ included in it. All sources support the recommendations of paragraph 2.3 of this report. International sources do not provide input for the requirements of the sub-domain of public safety. They do, however, provide comprehensive information as to the professional requirements for a (public sector) risk manager. Specifically the PRIMA competence area set is considered to be an appropriate basis for defining professional requirements of the Twente risk management programme.
APPENDIX 1 – Academic sources – Nearby programmes in The Netherlands and abroad.


‘NEARBY PROGRAMMES’, NETHERLANDS

NL-9a

HAAGSE HOGESCHOOL

Category

Data

Country

The Netherlands

Institution

Haagse Hogeschool (The Hague University of Professional Education)

Programme name

Post-Higher Professional Education programmes BRM (Basic Risk Management education) and RRM (Registered Risk Manager education)

Ranking

N/a

Graduate / postgraduate

Postgraduate

Academic / other

Post-Higher Professional Education. On completion, a nationally recognised diploma from the Foundation of Post-Higher Professional Education of The Netherlands is granted.

Programme size

N/a; 2 years (1 year for BRM, 1 year for RRM).

Parttime / fulltime

N/a

Aims & Objectives

BRM has the goal to provide insight into the organization of structural and integral risk management. The emphasis is om implementation aspects. A change process is needed in the organization for the implementation and you will therefore interiorize the techniques of management of change: insight in group processes; recognition of specific core qualities; dealing with specific core qualities. On completion of the programme you will be able to give risk management a sustainable position in your organisation.

The accent of the follow-up programme RRM lies in deepening the insight into the coming into being and the potential effects of risks and effective solutions, with the implementation being the centre of gravity. In this respect issues like organizational execution and communication are essential. Being able to apply the obtained knowledge weighs heavily in obtaining the diploma.

Final qualifications

N/a

Learning targets

N/a

Target group

The course is intended for:

Directors and superintendants

Insurance and risk managers

Safety and security officers

Department heads / employees of Legal affairs

Department heads / employees of Financial-economic affairs

Quality managers

Risk advisors

Organisation advisors

Facility managers

Programme (special aspects)

The course contains the following subjects:

Types of risk, measures

Initiative phase and next steps

Positioning and organising RM in an organization

Context Management of Change

Attitude and behavioural aspects

Interview techniques

RM Game

Project management

Team review

Group dynamics

Risk financing

Incident and damage management

Peer review

Crisis management and crisis communication

Information/knowledge as next economic mean

Other special aspects

Admission to RRM:

After successful completion of BRM

After successful completion of the Head education Risk Management of NIBE-SVV

After successful completion of a comparable education

URL

http://portal.hhs.nl/portal/page?_pageid=130,810482&_dad=portal&_schema=PORTAL



NL-9b

HAAGSE HOGESCHOOL

Category

Data

Country

The Netherlands

Institution

Haagse Hogeschool (The Hague University of Professional Education)

Programme name

Master in Risk Management MRM

Ranking

N/a

Graduate / postgraduate

Postgraduate

Academic / other

Post-Higher Professional Education.

Programme size

60 EC (340 contact hours); average study load 21 hours per week

Parttime / fulltime

Parttime; 2 years nominal

Aims & Objectives

The aim of the The Hague Master in Risc management (MRM) is to educate motivated professionals to leading risk managers.

Target group

Motivated professionals. Admission requirements: relevant bachelor diploma (or equal) and a minimum of three years of relevant work experience.

Final qualifications

N/a

Learning targets

Learning targets

The risk manager has knowledge of the many appearances of risk. Hij posesses knowledge of various disciplines:

oFinancing

oHuman Resource management

oICT

oFacility management

oMarketing

oCommunication

oSociology

oPsychology

Programme (special aspects)

The following subjects are covered:

Phase 1: Risk identification, risk analysis and risk assessment

Phase 2: The design of (control) measures

Phase 3: The implementation trajectory

Phase 4: Monitoring and evaluation

Specifics:

The education is delivered as seminars (in Dutch: werkcolleges)

Five projects

Other special aspects

Formal accreditation by NVAO, on the basis of a positive NQA report, is expected by July 2009

Advisory Board has been installed

Source

Brochure received in the Spring of 2009

‘NEARBY PROGRAMMES’, ABROAD

NR 1.

MONASH

Category

Data

Country

Australia

Institution

Monash Master of Risk Management Australian Risk Management Unit (ARMU) / Faculty of Business and Economics

Programme name

Master of Risk Management: This masters program recognizes the fundamental importance of the management of risk in today's commercial world and seeks to provide graduates with extended skills in core areas. The course will prepare students for the increasingly complex risk management issues that they will face when employed in many areas of business and in government agencies. It also provides education in the area of the management of risk and related topics appropriate for practitioners seeking to meet professional education requirements or to update their knowledge in specific risk management areas. It is also suitable for people working in other business, financial planning or investment areas who regularly deal with risk management issues

Ranking

N/a

Graduate / postgraduate

Graduate

Academic / other

Academic

Programme size

72 credit points

Parttime / fulltime

1.5 years fulltime, 3 years parttime

Aims & Objectives

N/a

Final qualifications

The learning goals associated with this course are to: satisfy the educational requirements for membership of the Risk Management Institution of Australasia Limited; develop the ability to identify problems, to synthesise, analyse, summarise and classify data and qualitative information, to evaluate and weigh evidence, arguments and ethics, to apply specialist skills and knowledge to global business issues; and to work out solutions to real world business cases and problems; develop the ability to locate, evaluate and reference needed data and qualitative information stored electronically and physically and to use state-of-the-art technology to produce high quality, persuasive and appropriate spoken and written presentations; develop the ability to work independently and to lead and participate in teams from diverse cultural and social backgrounds; develop knowledge of the risk management profession and the need to pursue life-long learning to be an effective leader and provide service to local, national and international communities.

Learning targets

N/a

Target group

N/a

Programme (special aspects)

--

Other special aspects

Prof. Boorsma visited Mr. Michael Vincent of ARMU in February 2008

URL

http://monash.edu.au/pubs/handbooks/courses/3153.html





NR. 2

UNIVERSITY OF EAST LONDON

Category

Data

Country

UK

Institution

University of East London

Programme name

Postgraduate Programme MSc in Risk Management

Ranking

N/a

Graduate / postgraduate

Postgraduate

Academic / other

Academic

Programme size

180 credit M Level programme

Parttime / fulltime

1 year fulltime / two years parttime

Aims & Objectives

The MSc in Risk Management programme is a generalist academic programme which aims to provide students with a robust appreciation of the risks faced by industrial, commercial and governmental organisations, and of the distinct and integrated measures taken by risk managers and risk specialists to deal with the risk management function. It will enable students to have a deeper understanding of risk management covering most areas of financial, operational and enterprise risks.

Final qualifications

In summary the programme provides students with the opportunity to:

Understand the concepts and contexts of risk and uncertainty, such as acceptability of risks and the identification of cost-effective strategies in the risk environment to provide safe, reliable operations and business continuity

Develop skills and methods for identifying risk signals and communicate these to stakeholders, including the risk scorecard, risk simulations, and handling governance and compliance issues

Critically evaluate and utilise new and established risk management tools for environmental risk assessment, financial and industrial risk assessment, risk policy assessment, risk treatment, and measuring the effectiveness of risk policy implementation

Gain insights into different sources of information used by individuals and stakeholders and the factors that influence their perceptions of risk identification, risk avoidance or reduction, risk mitigation and risk transfer

Learning targets

N/a

Target group

This is a generic programme designed for those students who wish to pursue careers as risk managers, strategists or risk specialists in the diverse fields of financial risk management, governance, operational and safety risk management, and the management of product development risks, environmental risks, intellectual property risks, and disaster response.

The MSc in Risk Management programme is designed to enhance employability and understanding of Risk Management issues, activities and roles within organisations, and enable students to develop a career within those roles. Careers in risk include Corporate Risk Manager, Corporate Risk and Insurance Manager, Corporate Risk Operations Manager, Business Development Manager, Corporate Risk Auditor, Risk and Safety Manager, Risk Control Manager, Risk Management Consultant, Safety and Reliability Manager.

Programme (special aspects)

--

Other special aspects

--

URL

http://www.uel.ac.uk/programmes/business/postgraduate/riskmanage.htm



NR. 3

GLASGOW CALEDONIAN UNIVERSITY (GCU)

Category

Data

Country

UK

Institution

Caledonian Business School / Glasgow Caledonian University

Programme name

MSc Risk Management: Business Risk Management, Financial Market and Products, Insurance and Principles, Risk-Taking Behaviour: Perception & Management, Integrated Case Study, Research Methodology, Global Perspectives on Risk.

Ranking

n/a

Graduate / postgraduate

Postgraduate

Academic / other

Academic

Programme size

n/a

Parttime / fulltime

One year fulltime campus; 2 to 3 years distance learning

Aims & Objectives

The aim of the Postgraduate Diploma (PgD)/Master of Science (MSc) in Risk Management is to provide students with a flexible programme, enabling them to build a successful career within an increasingly complex business environment and thereby to offer to employers a pool of skilled and informed postgraduates. Whether by distance learning or on-campus study, the programme comprises of 8 specified modules, plus a Masters Dissertation.

Target group

Normally, an applicant can gain entry to the MSc Risk Management if they have achieved the equivalent of a UK business or non-business undergraduate degree or equivalent professional qualification. Two references are also required (preferably one academic and one employment). Students whose first language is not English will normally be required to demonstrate evidence of satisfactory competence by holding one of the following recognised qualifications:

IELTS (British Council International English Language Testing Service) test score of 6.0 with a written English score of a minimum of 4.5,

Test in English as a Foreign Language (TOEFL) with a minimum score of 550,

Computer based TOEFL with a minimum score of 213.

Our graduates have gone on to successful careers including: risk management roles in major corporations; insurance companies; insurance brokers; project risk management; risk management consultants; clinical risk management in the NHS; the police; and health & safety management.

Final qualifications

N/a

Programme (specifics)

Research Methodology

This is the last module students will study prior to commencing your Dissertation. This module introduces students to research methodology needed for academic and practical research, to develop students written and oral presentation skills at management level. This will involve practical exercises in literature searches, literary criticism, data acquisition, processing of data using information technology, preparing reports, and presentation. Statistical aspects of research and the use of related statistical software packages will be emphasised.


MSc dissertation (optional)

The dissertation will be an original piece of work of 12,000 to 15,000 words, excluding appendices, which will analyse and critically discuss an aspect or topic within the field of risk management. The student must demonstrate an ability to complete a major and worthwhile piece of work in a self-motivated and independent manner. Regardless of the type of dissertation undertaken, assessment will be based on the following attributes:

Relevance of content; Quality of content; Style; Coherence of presentation; Quality and breadth of bibliography; Absence of plagiarism

Other specifics

Postgraduate Diploma in Risk Management

Or Masters in Risk Management (with Master dissertation)

URL

http://www.caledonian.ac.uk/cbs/gab/cfrm/choose.html


NR. 10

KATHOLIEKE UNIVERSITEIT LEUVEN

Category

Data

Country

Belgium

Institution

Katholieke Universiteit Leuven. Department of Postgraduate Formation (KULAC) in collaboration with Amelior, a provider of consultancy, training and documentation services in the domains of quality, safety, the environment and management. Endorsed by BELRIM.

Programme name

Risk Management (code 9425)


Ranking

N/a

Graduate / postgraduate

Postgraduate

Academic / other

Academic. Apparently not a degree (M/MSc) programme

Programme size

N/a; 1 year programme. Fee of € 3840.

Part time / fulltime

Part time. 34 weekly tutorials from Saturday 19 January to December 2008, each of 08.30 to 13.00 hrs.

Aims & Objectives

§You will acquire knowledge regarding terms, methods, concepts and patterns of thought of risk control and the risk management process.

§You will learn to effectively apply the acquired knowledge in practice

§You will learn to execute risk management in a team

§You will acquire insight in how risks are identified and analysed in order to develop and execute an optimal and integrated risk control plan

§You are capable of selecting and implementing the most appropriate risk financing techniques

§Throug the ability to implement an integrated risk management system you create a competitive advantage for your company

§You will have numerous opportunities to exchange experiences.

Final qualifications

N/a

Learning targets

N/a

Target group

This programme focuses on anyone who seeks to do risk management professionally. Possible positions are: general managers, deputy managers, controllers, directors of finance, risk managers, strategists, safety engineers, etc.

Programme (special aspects)

Programme: 1) Introduction, 2) Identification, Analysis and loss control of risks, 3) Risk financing, 4) Operational organisation, 5) Synthesis: concluding global risk management case

Other special aspects

Admission:

You have a university diploma or a diploma higher education long type. Holders of a diploma higher education short type can be admitted provided that a convincing and motivated application dossier is submitted.

The programme committee decides on admittance base don prior education, relevant professional experience, curriculum, motivation and order of submission.

URL

http://www.kuleuven-kortrijk.be/nl/PAV/Opleidingsaanbod/Opleiding/?code=1318






Appendix 2 – Academic sources – Non-nearby sources


NON-NEARBY PROGRAMMES, THE NETHERLANDS

NL-1

Category

Data

Land

Nederland

Instelling

Delft Toptech

Naam programma

Master of Security Science & Management (MSSM)

Ranking

Niet gevonden

Initieel / post-initieel

Post-initieel

Academisch / anders

Academisch

Aantal EC

1000 uur @ circa 1,5 jaar

Deeltijd / voltijd

Deeltijd

Doelstelling

De opleiding richt zich op het voorkomen van opzettelijke inbreuk op veiligheid. Rode draad in de opleiding is het thema maatschappelijke fysieke veiligheid; deze pas kan worden vormgegeven wanneer wordt gewerkt vanuit een integrale visie op beveiliging en veiligheid. Deze postdoctorale opleiding biedt professionals de juiste inhoudelijke bagage om binnen hun organisatie een regiefunctie te kunnen vervullen op het gebied van veiligheid in de breedste zin van het woord. Daarvoor is inzicht in zowel security technologieën als in beleid en bestuur van groot belang. Het programma richt zich daarom op de integratie van technologie, management en bedrijfsvoering, waarmee de deelnemer een integrale visie op security ontwikkelt.


De deelnemer leert een afweging te maken over de haalbaarheid van innovatieve beveiligingsprojecten. Door de integratie van techniek en management wordt de deelnemer een ‘master’ in het ontwikkelen van strategieën in veiligheid en beveiliging.

Doelgroep

Deelnemers zijn werkzaam in industrie, overheid, beveiligingsorganisaties, adviesorganisaties of bijvoorbeeld politie. Ze zijn manager, leidinggevende of adviseur en hebben elementen van security en/of terrorismebestrijding in hun portefeuille. De deelnemer ontwikkelt zich van specialist tot een generalist met een integrale visie op veiligheid in de breedste zin van het woord. De afgestudeerde heeft zijn horizon verbreed en is daardoor in staat complexe vraagstukken aan te pakken.

Eindtermen

Niet gevonden

Programma (bijzonderheden)

Het programma bestaat uit drie delen: een blok Security Science & Technology, een blok Security Policy & Management en een masterblok. Cases spelen een belangrijke rol om het geleerde tijdens de opleiding te spiegelen aan de praktijk. De eerste twee blokken kunnen afzonderlijk worden gevolgd, waardoor de opleiding gespreid kan worden over meerdere jaren. Beide blokken bestaan uit vijf basismodules en een integratiemodule. Het masterblok loopt deels parallel aan de opleiding en vormt in een laatste module de afsluiting van de opleiding.

Overige bijzonderheden

Aanbevelingen van Wim Deetman en Tjibbe Joustra

URL

http://www.delft-toptech.nl/nl/index.php?option=com_content&task=view&id=182&Itemid=338



NL-2

Category

Data

Land

Nederland

Instelling

Delft Toptech

Naam programma

Executive Master of Public Safety

Ranking

Niet gevonden

Initieel / post-initieel

Post-initieel

Academisch / anders

Academisch

Aantal EC

Circa 800 uur @ circa 14 maanden

Deeltijd / voltijd

Deeltijd

Doelstelling

De opleiding is ontworpen rond het thema risico denken waarin, het proces van bewustzijn, analyse, management en beheersing centraal staat. De kern van de opleiding ligt op het snijvlak van bestuurlijk politieke flexibiliteit en technisch operationele onbuigzaamheid. Het programma is gericht op de integratie van techniek en bestuur en leert de deelnemer verschillende onderdelen te combineren die in risicovolle situaties en rampen aan de orde komen.

Doelgroep

Deelnemers zijn werkzaam als manager of leidinggevende uit alle relevante sectoren van de maatschappij en de industrie met elementen van rampenbestrijding en/of crisismanagement in hun portefeuille.
Hoe kan de bestuurlijke complexiteit vereenvoudigd worden om, in nood, snel te handelen? Welke technische hulpmiddelen kunnen ingezet worden om calamiteiten te voorkomen of te bestrijden? Hoe kunnen risico’s meetbaar gemaakt worden en hoe kunnen die gegevens gebruikt worden bij de besluitvorming. Als dit de vragen zijn die u bezighouden, dan bent u een kandidaat voor de Master of Public Safety.

Eindtermen

Niet gevonden

Programma (bijzonderheden)

Het programma bestaat uit drie delen: het Technisch blok, het Bestuurlijk blok en het Master blok. Cases spelen een belangrijke rol om het geleerde tijdens de opleiding te spiegelen aan de praktijk. Het Technisch blok en het Bestuurlijk blok kunnen ook afzonderlijk gevolgd worden, waardoor de opleiding gespreid kan worden over meerdere jaargangen. In het Master deel worden het technisch en het bestuurlijk deel geïntegreerd.  Daarnaast is er een facultatief te volgen blok Fysieke Veiligheidszorg & Brandweerkunde.

Overige bijzonderheden

Pieter van Vollenhoven als gastspreker

URL

http://www.delft-toptech.nl/nl/index.php?option=com_content&task=view&id=149&Itemid=295



NL-3

Category

Data

Land

Nederland

Instelling

Delft Toptech

Naam programma

Master of Safety, Health & Environment

Ranking

Niet gevonden

Initieel / post-initieel

Post-initieel

Academisch / anders

Academisch

Aantal EC

@ circa 1,5 jaar

Deeltijd / voltijd

Deeltijd

Doelstelling

Het programma Management of Safety, Health & Environment van Delft TopTech leidt professionals op om een cruciale rol te spelen bij het veiligheidsbeleid en de arbeidshygiëne en de dagelijkse uitvoering hiervan. Ons programma geeft inzicht in het belang van een geïntegreerd managementsysteem. We staan niet stil bij het heden ook ontwikkelingen van beleid en toepassingen voor de toekomst komen aan bod. Veiligheidsdeskundigen, beleidsmakers en adviseurs leren hoe en wanneer de bestaande systemen en methoden moeten worden veranderd en hoe veiligheid op de agenda moet worden geplaatst bij de directie.


Participants learn how, and when, to change

existing systems and methods, as well as how to place safety

on the agenda in the boardroom. In teaching a balanced

combination of visionary, managerial and implementation skills,

the programme enhances the career potential of its graduates

and adds value to organisations.

Doelgroep

The programme is designed for SHE professionals, such as

experts in company safety departments and people who

influence SHE policy. The programme has proven successful in

training advisors and auditors who work in industry, certifying

bodies and government. Most participants’ career goal is to

work in a multi-disciplinary environment in mid-to-large-sized

public/private organisations that have experience with safety,

health and environment.

Eindtermen

Niet gevonden

Programma (bijzonderheden)

A three-segment, or three-block, programme and consists of different modules. Block 1, General Principles, offers an understanding of the

impact of safety regulations and policy. During this block, participants learn how to draw up a risk analysis. Block 2, Applications, provides an overview of techniques, methods and tools for accident prevention and risk reduction. Finally, Block 3, Safety Management and Risk Control Policy, offers training in management and organisational issues. An

integrated project forms part of this block.

Overige bijzonderheden

Werd tot voor kort (voorjaar/zomer 2007) door TUD verzorgd.

URL

http://www.delft-toptech.nl/nl/index.php?option=com_content&task=view&id=25&Itemid=51



NL-4

Category

Data

Land

Nederland

Instelling

Nyenrode Universiteit

Naam programma

Integraal Security Management

Ranking

Niet gevonden

Initieel / post-initieel

Post-initieel (?)

Academisch / anders

Academisch

Aantal EC

?

Deeltijd / voltijd

?

Doelstelling


Doelgroep

Het programma is bedoeld voor iedereen die binnen de publieke en/of private sector een beleidsbepalende functie heeft binnen de gebieden security, risk of compliance.

Eindtermen

Niet gevonden

Programma (bijzonderheden)

In het najaar van 2007 start Nyenrode een gloednieuw Europees programma op het gebied van Security Management. Het is het eerste internationale integrale security management programma op academisch niveau in Europa. De opleiding wordt gegeven vanuit de nieuwe interdisciplinaire visie op veiligheid: ‘Boundless Security’. Inhoudelijk verantwoordelijk is Prof. Dr. Bob Hoogenboom.

Overige bijzonderheden

In samenwerking met de Fortress Group; voor alle geïnteresseerden is er op zaterdag 14 april 2007 een Masterclass Security, Risk & Compliance gegeven

URL

http://www.ib-markt.nl/index.php?option=com_content&task=view&id=4&Itemid=4

http://www.nyenrode.nl/download/news_at_nyenrode/edition_march07_NL.pdf

http://www.fortressgroup.nl/home.php?ID=7



NL-5

Category

Data

Land

Nederland

Instelling

Universiteit van Amsterdam

Naam programma

Executive Master Enterprise Risk Management

Ranking

Niet gevonden

Initieel / post-initieel

Post-initieel

Academisch / anders

Academisch

Aantal EC

tweejarig parttime programma

Deeltijd / voltijd

Deeltijd

Doelstelling

Niet gevonden (zie onder)

Doelgroep

Het programma Enterprise Risk Management van de Amsterdam Business School biedt een multidisciplinaire aanpak met een breed scala aan theoretische onderdelen en actuele praktijkcases. Deze opleiding is daarom bij uitstek geschikt als een aanvullende scholing voor high potentials in de Risk Management branche: financiële en risk managers bij overheidsinstellingen en bedrijven, makelaars, verzekeraars en auditors.

Eindtermen

Niet gevonden

Programma (bijzonderheden)

(zie boven)

Overige bijzonderheden

UvA is sponsor van de SVRM

URL

http://www.abs.uva.nl/emerm/home.cfm





NL-6

Category

Data

Land

Nederland

Instelling

TIASNimbas

Naam programma

Executive Master of Information Security Management (MISM)

Ranking

Niet gevonden

Initieel / post-initieel

Post-initieel

Academisch / anders

Academisch

Aantal EC

1260 uur @ 24 maanden

Deeltijd / voltijd

Deeltijd

Doelstelling

Na een succesvolle afronding van de opleiding MISM heeft u inzicht in de belangrijkste facetten van informatiebeveiliging, in het bijzonder in relatie tot het leiden en managen van informatie-beveiligingsactiviteiten in organisaties.

Na het volgen van de opleiding heeft u de volgende professionele competenties:

in interactie met de leiding van de organisatie en conform de aanbevelingen voor corporate governance, awareness met betrekking tot informatiebeveiliging in de organisatie creëren en specifieke behoeften aan maatregelen op het gebied van informatiebeveiliging vaststellen

risicobeoordelingen uitvoeren, informatiebeveiligingsbeleid formuleren en informatiebeveiligingsplannen (inclusief managementplannen en auditplannen) opstellen

securitymaatregelen van een organisatorische en procedurele aard ontwerpen en zorgdragen voor hun uitvoering, rekening houdend met relevante aspecten van wettelijke, zakelijke en gebruikers aard

service level agreements beoordelen en vaststellen, en security maatregelen onderhouden, evalueren en verbeteren

constructief samenwerken met de technische informatiebeveiligingsspecialisten en afstemming realiseren tussen beleid,  bedrijfsactiviteiten en IT-aspecten van informatiebeveiliging

optreden als een intermediair tussen de directie, de IT-afdeling en de operationele afdelingen van de organisatie wat betreft informatiebeveiliging

Doelgroep

Als kandidaat-deelnemer MISM dient u te beschikken over een afgeronde relevante universitaire opleiding of een afgeronde relevante hbo-opleiding.

Voorts is minimaal vijf jaar werkervaring vereist, waarvan twee jaar ervaring die relevant is voor het managen van de informatiebeveiliging in een organisatie.

Eindtermen

awareness met betrekking tot informatiebeveiliging in de organisatie creëren

specifieke behoeften aan maatregelen op het gebied van informatiebeveiliging vaststellen

risicobeoordelingen uitvoeren

informatiebeveiligingsbeleid formuleren

informatiebeveiligingsplannen (inclusief managementplannen en auditplannen) opstellen

securitymaatregelen van organisatorische en procedurele aard ontwerpen en zorgdragen voor hun uitvoering

service level agreements beoordelen en vaststellen, en security maatregelen onderhouden, evalueren en verbeteren

constructief samenwerken met de technische informatiebeveiligingsspecialisten en afstemming realiseren tussen beleid, bedrijfsactiviteiten en IT-aspecten van informatiebeveiliging

optreden als een intermediair tussen de directie, de IT-afdeling en de operationele afdelingen van de organisatie wat betreft informatiebeveiliging.

Programma (bijzonderheden)

In het eerste programmajaar zijn 7 modules gezamenlijk voor deelnemers van de opleidingen Master of Security in Information Technology (MSIT) en MISM. Elke opleiding kent daarnaast nog acht modules die opleidingsspecifiek zijn. Aan het eind volgt een quick scan, literatuurstudie en een afstudeeropdracht.

Overige bijzonderheden

TIASNimbas behoort tot de top-10 business schools van Financial Times

URL

http://www.tiasnimbas.edu/index.aspx?pgeId=214



NL-7

Category

Data

Land

Nederland

Instelling

TIASNimbas

Naam programma

Executive Master of Security in Information Technology (MSIT)

Ranking

Niet gevonden

Initieel / post-initieel

Post-initieel

Academisch / anders

Academisch

Aantal EC

1260 uur @ 24 maanden (exclusief het volgen van colleges)

Deeltijd / voltijd

Deeltijd

Doelstelling

Na een succesvolle afronding van de opleiding heeft u inzicht in de belangrijkste facetten van de informatiebeveiliging. U kunt na het volgen van de opleiding:

informatiebeveiligingsbeleid formuleren, een volledige risicoanalyse uitvoeren en een informatiebeveiligingsplan (inclusief beheer- en auditplan) opstellen   

de behoefte definiëren aan cryptografische voorzieningen en key management functies, beschikbare cryptografische beveiligingssystemen beoordelen op hun performance en een verantwoorde keuze maken uit het aanbod van beveiligingsoplossingen en -technieken 

beveiligingsmaatregelen van technische, organisatorische en procedurele aard ontwerpen en (laten)  implementeren, rekening houdend met juridische en gebruikersaspecten

het beveiligingsbewustzijn bevorderen

service level agreements beoordelen en accorderen en beveiligingsmaatregelen onderhouden, evalueren en bijstellen   

Doelgroep

De opleiding MSIT is bestemd voor personen met een IT-achtergrond die werkzaam zijn als:

(toekomstige) beveiligingsfunctionarissen

ICT-medewerkers

ICT-consultants

systeembeheerders

lijnmanagers

IT-auditors

Als kandidaat-deelnemer moet u aan één van de volgende eisen voldoen:

een afgeronde relevante universitaire opleiding

een afgeronde relevante hbo-opleiding

Eindtermen

Na een succesvolle afronding van de opleiding heeft u inzicht in de belangrijkste facetten van de informatiebeveiliging. U kunt na het volgen van de opleiding:

informatiebeveiligingsbeleid formuleren, een volledige risicoanalyse uitvoeren en een informatiebeveiligingsplan (inclusief beheer- en auditplan) opstellen

beveiligingsmaatregelen van technische, organisatorische en procedurele aard ontwerpen en (laten) implementeren, rekening houdend met juridische en gebruikersaspecten

de behoefte definiëren aan cryptografische voorzieningen en key management functies, beschikbare cryptografische beveiligingssystemen beoordelen op hun performance en een verantwoorde keuze maken uit het aanbod van beveiligingsoplossingen en –technieken

het beveiligings-bewustzijn bevorderen

service level agreements beoordelen en accorderen en beveiligingsmaatregelen onderhouden, evalueren en bijstellen

Programma (bijzonderheden)

In het eerste programmajaar zijn 7 modules gezamenlijk voor deelnemers van de opleidingen MSIT en MISM.

Elke opleiding kent daarnaast nog acht modules die opleidingsspecifiek zijn.

Aan het eind volgt een quick scan, literatuurstudie en een afstudeeropdracht.

Overige bijzonderheden

Graad toegekend door de TU/e (MISM vermoedelijk ook)

URL

http://www.tiasnimbas.edu/Index.aspx?pgeId=216



NL-8

Category

Data

Land

Nederland

Instelling

Erasmus Universiteit

Naam programma

Postgraduate program Information Security and Compliance

Ranking

Niet gevonden

Initieel / post-initieel

Post-initieel

Academisch / anders

?

Aantal EC

? @ 1,5 jaar

Deeltijd / voltijd

?

Doelstelling

?

Doelgroep

?

Eindtermen

?

Programma (bijzonderheden)

Deze opleiding is in oprichting en de intentie is in september 2007 van start te gaan. Het wordt georganiseerd door het Erasmus Institute Information Security & Compliance i.o. in samenwerking met een maatschappelijk Topinstituut i.o. van de Erasmus Universiteit. De opleiding bestaat uit 3 modules, namelijk Information Security Governance, Information Security Architecture en Information Security Compliance alsmede enkele special topics als daar zijn Outsourcing en Business Continuity Management en wordt afgesloten met een thesis. Naast de focus op een geintegreerde benadering van bovengenoemde 3 hoekstenen (modules) van ISC, staat in dit programma ook een focus centraal op het proces van integratie van ISC in het strategisch management en ontwikkeling van een organisatie.

Overige bijzonderheden

De opleiding lijkt niet vermeld te zijn in de postinitiële cursusprogrammabrochures van Erasmus School of Accounting & Assurance

URL

http://www.ib-markt.nl/index.php?option=com_content&task=view&id=4&Itemid=4

http://www.eur.nl/fileadmin/ASSETS/professionals/EUR_Brochure_Postac._Opleidingen_2007-2008_WEBGEBRUIK.pdf






NL-10

Category

Data

Land

Nederland

Instelling

Hogeschool Arnhem en Nijmegen (HAN)

Naam programma

Auditing en Risk Management

Ranking

Niet gevonden

Initieel / post-initieel

?? De post-initiële opleiding, in juni 2007 nog prominent op de site, is grotendeels onvindbaar.

Academisch / anders

HBO

Aantal EC

500 uur @ 1 jaar

Deeltijd / voltijd

Deeltijd

Doelstelling

Niet gevonden

Doelgroep

Mogelijke voorbeelden van vooropleidingen zijn: Bacheloropleidingen: Bedrijfseconomie, Management Economie en Recht, Commerciële Economie, Financial Services Management, Gezondheidszorg, hts informatica, Technische Bedrijfskunde of iedere andere afgeronde hbo- of universitaire studie met enige financiële kennis.

Eindtermen


Programma (bijzonderheden)

Er zijn twee deelgebieden te onderscheiden; het financiële deelgebied en het proces deelgebied. Deze worden in de volgende studie-eenheden toegelicht en uitgewerkt.

Control & Audit controletechnieken en risk management

Operational Auditing

Financial Audit

Treasury Risk management

Project Management & Auditing, waaronder Prince II.

De procesauditingkant van het werkgebied:

Onderzoeksmethodologie; analyses 

IT-security

Forensic Auditing, waaronder het COSO model.

Enkele studie-eenheden worden afgesloten met een integrale workshop, waarin een geïntegreerde case centraal staat. In samenwerking met KPMG wordt een referentiemodel gebouwd voor een operational audit.

Volgens het AKZO-model wordt een model gebouwd om de risico-analyse van operationeel tot strategisch niveau met verantwoordelijke managers in te kunnen schatten.

Overige bijzonderheden

Niet gevonden

URL

http://expertisecentra.han.nl/kc/finmgmnt/opleidingen/femsparm/opleidingsinformatie/index.xml



NL-11

Category

Data

Land

Nederland

Instelling

Hogeschool Arnhem en Nijmegen (HAN)

Naam programma

Management of Risk Control & Information Security (MRIS)

Ranking

Niet gevonden

Initieel / post-initieel

post-initieel

Academisch / anders

HBO

Aantal EC

? @ 2 jaar

Deeltijd / voltijd

Deeltijd

Doelstelling

De opleiding speelt in op een groeiende behoefte aan getrainde functionarissen die op managementniveau opereren en de beveiligingsrisico’s voor de organisatie kunnen inschatten en minimaliseren.

Doelgroep

Afgestudeerde hbo'ers, werkzaam in de informatiebeveiliging, met minimaal 2 jaar werkervaring

Eindtermen

Niet gevonden

Programma (bijzonderheden)

De opleiding is afgestemd op ICT-medewerkers met een hbo-achtergrond en ten minste twee jaar ervaring in het vakgebied. De studie wordt aangeboden in een tweejarige deeltijdvariant. Dit betekent één middag en aansluitende avond les per week en verder de nodige zelfstudie. De opleiding bestaat, naast theorie, uit twee casestudies en een Final Project.


In de opleiding komen de volgende onderwerpen aan de orde:

Risk management techniques

Risk scenario development

Techniques to reduce risks

Handling security incidents

Security management implementation

Risk and law aspects

Setup an logical security architecture

Project and process management

Auditing

Etc.

Overige bijzonderheden

Engelstalige internationale opleiding

URL

http://expertisecentra.han.nl/kc/ict/opleidingen/01pris/index.xml



NL-12, NIBE/SVV

Category

Data

Land

Nederland

Instelling

NIBE/SVV (Nederlands Instituut voor het Bank, Verzekerings- en Effectenbedrijf)

Naam programma

Risicomanagement (leergang) (HBO-opleiding Risk Management)

Ranking

Niet gevonden

Initieel / post-initieel

Post-initieel

Academisch / anders

HBO-niveau

Aantal EC

650 uur @ 7 maanden

Deeltijd / voltijd


Doelstelling

In deze leergang verwerft u de benodigde kennis en vaardigheden om ondernemingen uit het midden- en grootbedrijf en multinationals als riskmanager te adviseren.

Doelgroep

Directeuren, insurance- en riskmanagers, security safety officers, hoofden en medewerkers Juridische- en Financieel-economische zaken, verantwoordelijken rond kwaliteit en milieu, risicoadviseurs die ondernemingen uit het midden- en grootbedrijf en multinationals als riskmanager adviseren

Eindtermen


Programma (bijzonderheden)

Het programma bestaat uit 28 modules, afgestemd op de praktijk van de financiële dienstverlening:

Algemeen

1.Introductie van het programma

2.Ondernemen in een dynamische omgeving

3.Wat zijn risico’s?

4.Het 7-fasen model

5.Risico inventarisatie methoden

6.Analysemethoden en technieken

7.Oplossingstechnieken

8.Alternatieve vormen van Risicofinanciering

9.Positionering van RM in de organisatie

10.De rol van de spelers in het speelveld van RM

Bedrijfskundige aspecten

11.Introductie scriptie

12.Ontwikkeling van organisaties

13.HRM en cultuur

14.Financiële huishouding van de organisatie

15.Balanslezen en jaarverslag

16.Ontwikkelingen rond wet- en rechtspleging

17.Actuele wet- en regelgeving (Bazel II, Solvency II, Sox)

18.Corporate Governance en ethiek

19.Praktijkdag

Specifieke deelaspecten

20.Bespreken voortgang scriptie

21.Risicomanagement bij projecten

22.Veiligheid intern/extern deel 1

23.Veiligheid intern/extern deel 2

24.Informatietechnologie en automatisering

25.Crisismanagement en crisiscommunicatie

Examentraject

26.Proefexamen

27.Examen/verdediging scriptie

28.Diploma-uitreiking

Overige bijzonderheden

Co-productie van NIBE-SVV, IAB Instituut voor Actuele Bedrijfsvoering BV en de Haagse Hogeschool Post HTO. Deze formule biedt u de gelegenheid om na het behalen van het diploma Risicomanagement door te stromen naar de Registeropleiding op de Haagse Hogeschool Post-HTO.

URL

http://www.nibesvv.nl/View/Opleiding/223


NON-NEARBY PROGRAMMES, ABROAD

NR. 4


Category

Data

Country

UK

Institution

University of Kent

Programme name

Master Risk and Society: The MA in Risk & Society is the first degree of its type in the United Kingdom. The programme provides an inter-disciplinary social science perspective on debates over the character of 'risk society'. Students are involved in the critical analysis of risk in relation to developments in contemporary sociology, social policy, health policy and criminal justice. Risk perceptions, attitudes and behaviours are studied in a wide variety of social contexts and institutional settings.

Ranking


Graduate / postgraduate

Post-initeel

Academic / other

Acedemisch

Programme size

180 credits, 60 ECTS (120 credits, 60 ECTS from taught modules and a 60 credit, 30 ECTS dissertation)

Parttime / fulltime

1 year full time, 2 year part time

Aims & Objectives

N/a

Target group

The programme provides a grounding in social science research methods in relation to the study of risk. It is suitable for those who want to conduct graduate research into various aspects of the sociology and social policy of risk as applied to contemporary problems of risk assessment, risk communication and risk management. We aim to go as far as possible to accommodate the interests of those with both an academic and vocational interest in the social science of 'risk'.

Final qualifications

N/a

Programme (specifics)

The MA in Risk and Society provides a critical analysis of risk in relation to developments in contemporary sociology, social policy, health policy and criminal justice. The School study risk perceptions, attitudes and behaviours in a wide variety of social contexts and institutional settings. Individual modules include:
* Crime, Risk and Society
* The Management of Health Risk
* Politics, Policymaking and the Management of Risk
* Risk, Social Policy and the Life Course
* The Sociology of Risk
* The Sociology of Violence.

Other specifics

--

URL

http://www.kent.ac.uk/sspssr/postgraduate/taught/risksoc.html












NR. 5


Category

Data

Country

Australia

Institution

University of New South Wales

Programme name

Master of Science and Technology in Risk Management (preceding this to obtain the Master Degree – Graduate Diploma of Risk Management

Ranking

N/a

Graduate / postgraduate

Graduate

Academic / other

Academic

Programme size

72 Units (?)

Parttime / fulltime

N/a

Aims & Objectives

N/a

Target group

The Masters Programs is primarily intended for people who wish to specialise in Risk Management in their profession.

Final qualifications

The Graduate Diploma of Risk Management provides a general introduction to risk management as it is applied across all disciplines. Courses for the program are offered by the Faculties of Science and Technology, Engineering, and Commerce and Economics. At the end of the Graduate Diploma program students should:

Be able to apply the risk management process as described in AS4360 Risk Management to risks of relevance to their organisation.

Be able to apply a range of risk analysis techniques to technical and financial issues

Have a basic understanding of key insurance issues

Have extended there knowledge and uinderstanding of particular risk issues through a choice of elective subjects

Programme (specifics)

At the end of the Masters program students should have achieved the objectives of the Graduate Diploma Course and in addition studied more in depth electives and a risk management project. Elective subjects may be from a financial or technical area or a mixture of the two. Candidates are required to complete 72 Units for the degree. Students may receive advanced standing in the preliminary courses on the basis of prior studies providing they can demonstrate the prerequisite knowledge for the core courses. Exemption, but not advanced standing, may be given for core and elective courses.

Other specifics

--

URL

http://www.safesci.unsw.edu.au/plans/risk/msctech.html










NR. 6


Category

Data

Country

Australia

Institution

Swinburne University of Technology

Programme name

Master of Technology Management (Risk Management)

Ranking

N/a

Graduate / postgraduate


Academic / other

Academic

Programme size

The Master of Technology Management (Risk Management) comprises nine units each of 12.5 credit points, plus an advanced research project dissertation of 37.5 credit points, normally taken over three years of part-time study.

Parttime / fulltime

18 Month/s (Or three years part-time)

Aims & Objectives

This program addresses the needs of industry to improve the management of resources associated with short and long term risk to people, assets and production. The program provides further studies for graduates from all branches of engineering, applied science and business who wish to gain more specialist knowledge in risk management.

Target group

This program is designed primarily to meet the needs of personnel currently involved in, or wishing to be involved in the risk management industry. In addition, the program is designed to have considerable application for personnel in a wide range of technologically based industries including rail, shipping, heavy industry, the chemical industry and energy production.

Final qualifications

N/a

Programme (specifics)

Units of Study:

Stage 1: Risk Perception and Analysis, Risk Management Principles,
Financial Risk Management

Stage 2: Quantitative Risk and Modelling, Risk Management Systems, New Venture Development and Management

Stage 3 (by Coursework)
Research Design and Methodology

Stage 3 (by Research)
Research Design and Methodology
Research Project (37.5 credit points)

Electives can be selected from:
Risk Technology Strategies
Industrial Environment and Human Factors in Risk

Other specifics

--

URL

http://courses.swinburne.edu.au/Courses/ViewCourseInternational.aspx?id=11961#findoutmore








NR. 7


Category

Data

Country

Canada

Institution

Simon Fraser University, Segal Graduate Business School

Programme name

Master Financial Risk Management: Our MA in Financial Risk Management program places an increased emphasis on both technical and analytical abilities. It highlights an elevated level of expertise in both the quantitative and strategic aspects of risk management and it will give you an opportunity to acquire leading-edge skills through advanced courses in financial theory. Your proficiency will be enhanced through courses in market, operational, credit and insurance risk. Overall, you will become extremely well prepared to identify, implement and monitor systems for managing the risks that confront financial services firms.

Ranking

N/a

Graduate / postgraduate

Postgraduate

Academic / other

Academic

Programme size

N/a

Parttime / fulltime

The MA in Financial Risk Management is a full-time, 38-credit hour program delivered over three semesters. 12 months fulltime.

Aims & Objectives

N/a

Target group

Candidates are preferably working in the financial services sector and are recent graduates holding a bachelor's degree in a quantitative discipline such as business, economics, mathematics, the sciences or engineering. They are numerically astute and enjoy working in the stimulating, analytical environment of finance. They possess excellent written and oral communication skills, and you thrive on challenge.

Final qualifications

N/a

Programme (specifics)

The Master of Financial Risk Management program places an emphasis on both technical and analytical abilities. The first term is designed to provide foundations in financial economics, econometrics, derivative securities and enterprise-wide strategic risk management. Courses in the second and third terms supplement and extend these foundations to various specialized topics such as credit, insurance and market risk. These topics provide the framework for students to choose the focus of their Project, an in-depth research paper on one aspect of the risk management spectrum.

Other specifics

A Final Project will require in-depth research related to the curriculum.

URL

http://www.sfubusiness.ca/programs/segal/graduate/riskmanagement/program-overview/learn.php











NR. 8


Category

Data

Country

Poland, Chechia, Germany

Institution

Neisse University

Programme name

M.Sc. Environmental Health and Safety Risk Management

Ranking

N/a

Graduate / postgraduate

N/a

Academic / other

Academic

Programme size

120 ECTS points

Parttime / fulltime

N/a

Aims & Objectives

Aims in capacity building and extended vocational training for young professionals in the field of quality-, environmental- and occupational health and safety management, thereby reducing corporate risks. 

Target group

N/a

Final qualifications

Graduates in “EH+S RM” will get the ability to analyse and to manage complex problems from an integrated perspective including economic, ecologic and social issues. Graduates will have acquired capabilities to apply solutions and will have gathered social skills as communications, project management and team work. They will have solution-oriented and specialised knowledge especially for interdisciplinary challenges. Graduates will be skilled in business management procedures and thus they will be able to initialise and to make decisions that support Sustainable Development by regarding technical and economical efficiency and at the same time ecological and social relevance.

Programme (specifics)

Compromising different categories as fundamental science, risk management, natural sciences and technical issues the Master levels course on “Environmental Health and Safety Risk Management” ensures a complex but problem-oriented understanding of environmental systems. The knowledge of ecosystems and the life supporting services they provide as basis of economic systems and industrial metabolism is complemented with key knowledge of business management and administration.

A certain focus lies on risk management for enterprises including financial, quality, environmental and (occupational) health and safety issues. This integrated management approach corresponds to today’s thinking and European trends, also with regard to BASEL II assessments, Integrated Product Policy (IPP) and other legislations.

Other specifics

--

URL

http://www.neisse-uni.org/start/content/view/96/104/lang,ISO-8859-3/











NR. 9


Category

Data

Country

Sweden

Institution

Lund University

Programme name

Master Risk Management and Safety Engineering

Ranking

N/a

Graduate / postgraduate

Graduate

Academic / other

Academic

Programme size

Compulsory courses 60 ETCS Credits

Elective courses 30 ETCS

Senior thesis 30 ETCS

Parttime / fulltime

Lund University started a two-year engineering programme leading to a Master of Science in Risk Management and Safety Engineering

Aims & Objectives

The programme should, in particular, offer students the conditions to learn and apply risk analysis as a systematic tool:

oTo identify and assess risks.

oTo implement measures to reduce risks with the objective of preventing, or at least limiting, injury to humans, and damage to the environment or property.

oBased on the objectives of organisations and the requirements of society, to formulate and work with management systems, especially in the areas of safety, health and the environment so as to establish a low level of risk with regard to finance and sustainable development.

Target group

N/a

Final qualifications

N/a

Programme (specifics)

The main focus, with emphasis on safety, health and the environment, will be on accidents defined as undesirable incidents having an adverse effect on people, the environment, equipment, property and business. These incidents are usually of short duration, are unintentional, and do not form part of the normal function of the system. Other effects on health and the environment will also be considered, where the exposure is long-term in character and is a result of the normal function of a system, or of a normal lifestyle. In particular, engineering education should provide the basis for the application of risk analysis as a systematic work process.


The education should also increase the depth and breadth of knowledge, and create the capability of communicating and collaborating with many different categories of technical and non-technical individuals, as well as being able to work in risk management on the local, regional, national and international scale.

Other specifics

The programme consists of compulsory courses, elective courses, and senior thesis (M.Sc. dissertations).

URL

http://www.riskmanagement.lth.se/information/index.htm







NR. 10


Category

Data

Country

Belgium

Institution

Katholieke Universiteit Leuven. Department of Postgraduate Formation (KULAC) in collaboration with Amelior, a provider of consultancy, training and documentation services in the domains of quality, safety, the environment and management. Endorsed by BELRIM.

Programme name

Risk Management (code 9425)


Ranking

N/a

Graduate / postgraduate

Postgraduate

Academic / other

Academic. Apparently not a degree (M/MSc) programme

Programme size

?; 1 year programme. Fee of € 3840.

Parttime / fulltime

Parttime. 34 weekly tutorials from Saturday 19 January to December 2008, each of 08.30 to 13.00 hrs.

Aims & Objectives

§You will acquire knowledge regarding terms, methods, concepts and patterns of thought of risk control and the risk management process.

§You will learn to effectively apply the acquired knowledge in practice

§You will learn to execute risk management in a team

§You wil acquire insight in how risks are identified and analysed in order to develop and execute an optimal and integrated risk control plan

§You are capable of selecting and implementing the most appropriate risk financing techniques

§Throug the ability to implement an integrated risk management system you create a competitive advantage for your company

§You will have numerous opportunities to exchange experiences.

Final qualifications

N/a

Learning targets

N/a

Target group

This programme focusses on anyone who seeks to do risk management professionally. Possible positions are: general managers, deputy managers, controllers, directors of finance, risk managers, strategists, safety engineers, etc.

Programme (special aspects)

Programme: 1) Introduction, 2) Identification, Analysis and loss control of risks, 3) Risk financing, 4) Operational organisation, 5) Synthesis: concluding global risk management case

Other special aspects

Admission:

You have a university diploma or a diploma higher education long type. Holders of a diploma higher education short type can be admitted provided that a convincing and motivated application dossier is submitted.

The programme committee decides on admittance base don prior education, relevant professional experience, curriculum, motivation and order of submission.

URL

http://www.kuleuven-kortrijk.be/nl/PAV/Opleidingsaanbod/Opleiding/?code=1318








NR. 11


Category

Data

Country

USA

Institution

Lewis University

Programme name

Master of Science in Public Safety Administration

Ranking

N/a

Graduate / postgraduate

N/a

Academic / other

Academic

Programme size

36 credit hour program

Parttime / fulltime

Courses are eight weeks in length with six sessions per year and are offered in the evening. Individual class meetings are once a week for four hours.

Aims & Objectives

N/a

Target group

N/a

Final qualifications

N/a

Programme (specifics)

Public Safety Administration and Management (3)
Fiscal Management for Public Safety Administrators (3)
Public Safety Leadership– Theory and Practice (3)
Critical Thinking and Decision Making (3)
Public Safety Training – Management and Development (3)
Ethics, Integrity, and Social Responsibility (3)
Public Safety Law and Civil Liability (3)
Fire/Police/Protection Operations (3)
Labor Relations in the Public Sector (3)
Risk/Crisis Management (3)
Human Resource Development (3)
Public Safety Agencies and the Community (3)

Other specifics

At the conclusion of the coursework, the student must successfully pass a Comprehensive Program Examination. A comprehensive program examination will be required. The examination is established to affirm understanding by the student and to confirm to the Department and the University that learning has occurred. The comprehensive examination is also an indicator that the course content is reflective of current practices. The form of the examination will utilize written or oral presentations or defenses as directed by the chairperson.

URL

http://www.lewisu.edu/academics/publicsafetyadmin/curriculum.htm
















NR. 12


Category

Data

Country

UK

Institution

University of Aberdeen

Programme name

Safety engineering and risk management (MSc/PgDip)

Ranking

N/a

Graduate / postgraduate

Postgraduate

Academic / other

Academic

Programme size

See programme

Parttime / fulltime

12 months full-time or 24 - 36 months part-time.

Aims & Objectives

The aims of the programme are to provide education and training at postgraduate level for graduate engineers in the general area of safety, reliability and risk management.

Target group

N/a

Final qualifications

N/a

Programme (specifics)

First Half-Session

Fundamental Safety Engineering and Risk Management Concepts (15 credit points)

Statistics and probability for safety, reliability and quality

(15 credit points)


either

Finding Oil: Geosciences in Exploration and Production

(15 credit points)

Getting Oil Out: Engineering from Borehole to Surface

(15 credit points)

or or

Environmental Engineering (30 credit points)


Second Half-Session

Advanced methods for risk and reliability assessment

(15 credit points)

Project Management and Group Project

(15 credit points)


and 4 courses from the following list:

Applied Risk Analysis and Management (7.5 credit points)

Process safety and reliability (7.5 credit points)

Fire and explosion engineering (7.5 credit points)

Reliability-based fatigue and fracture assessment (7.5 credit points)

Reliability of Structural Systems (7.5 credit points)

Other specifics

For MSc candidates only

Safety Engineering Individual Project (60 credit points)

URL

http://www.abdn.ac.uk/registry/calendar/pgdisplay.php?ID=1088


APPENDIX 3 – Professional sources – The Netherlands


Nr.1

Organization

Marsh

Country

Netherlands

Goal of the organization

Marsh focuses a.o. on Risk Consulting

Target group /

Professional field

(Potential) clients and potential employees

REQUIREMENTS

General

The risk manager must have communication skills (especially listening skills)

Academic

--

Profession

The risk manager will have to initiate a process of identification, evaluation, control and documentation of risks. This process will need to be executed on a regular basis to assure that all relevant risks are being identified, not only at the strategic, but also at the tactical and operational level. Even far more important is that by introducing risk management at the tactical and operational level, a contribution is made to the risk awareness of employees.

Besides initiating the process the risk manager will have to oversee good qualitative analysis. The risk manager therefore must have sufficient seniority to be able to give an initial content-driven judgement of the comprehensiveness and correctness of the analysis.


A company is faced with a broad range of risks. The risk manager therefore needs to posess a sound ‘helicopter view’ to be able to oversee all risks. The range of risks clearly stretches far beyond just the traditional financial risks. Besides a keen analysis, in which he oversees the broad spectrum of risks, the risk manager will also have to possess the required communication skills (especially listening skills) to clarify to managers the added value of risk management. In addition the financial insight of the risk manager is called upon to provide a correct interpretation of the financial consequences of incidents and risks and key performance indicators regarding risks.


Other

There is an increasing need for generalists who can design and manage an integrated risk management process.

URL

http://www.marsh.nl/serviceNL/riskconsulting/CROofoudeCFO.php



Nr.2

Organization

www.werken.nl

Country

The Netherlands

Goal of the organization

Portal for study and work seekers

Target group /

Professional field

Treasurers / Risk managers in the Banking industry

REQUIREMENTS

General

Stress resilience

Good people skills

Can work independently

Good verbal and written communication skills

Academic

Analytical competence

Profession

Good data insight and ability to work accurately

Good negotiation skills (with banks, Insurance companies, etcetera)

Commercial insight

Able to make decisions quickly and to generate inventive solution

Interested in IT systems and electronic communication

Other

--

URL

https://www.werk.nl/portal/page/portal/werk_nl/werknemer/meer_weten/werktraject/beroepen

_gericht_zoeken/zoekresultaat/beroepsdetail?1=1&occupationID=13007



THE SOURCES Nr. 3 through Nr. 9 DID NOT PROVIDE ADDITIONAL INFORMATION ON REQUIREMENTS

Nr.3

Organization

NIBE-SVV

Country

The Netherlands

Goal of the organization

NIBE-SVV is a leading educational centre for the financial industry (banking, insurance, stocks)

Target group /

Professional field

Financial industry

Risk Management

NIBE-SVV provides a comprehensive range of risk management courses with a duration ranging from a 4-day short course to a 650 hr higher professional level non-degree programme. The 650 hr programme positions a risk manager as an advisor.

Requirements

N/a

URL

http://www.nibesvv.nl/Search/Fulltext.aspx?keyword=risicomanagement



Nr.4

Organization

Nivra-Nijenrode

Country

The Netherlands

Goal of the organization

To provide academic education and research in the area of accountancy and controlling.

Target group /

Professional field

Accountancy and controlling

Risk Management

Nivra-Nijenrode provides short courses on risk management, e.g. the three-day course ‘Beyond risk management’.

Requirements

N/a

URL

http://www.nivra-nyenrode.nl/onze-opleidingen/permanente-educatie-pe/beyond-risk-management


Nr.5

Organization

Ernst & Young

Country

The Netherlands

Goal of the organization

Accountancy and consultancy.

Target group /

Professional field

Broad.

Risk Management

E&Y provides comprehensive documentation on risk management and also it provides short courses on risk management, e.g. the two-day course on Derivatives and Risk Management

Requirements

N/a

URL

http://www.ey.com/Publication/vwLUAssets/Training_Derivaten_en_Risicomanagement/$FILE/Training_Derivaten_en_Risicomanagement.pdf


Nr.6

Organization

AT Osborne (Utrecht)

Country

The Netherlands

Goal of the organization

Management consultancy specialized in housing, infrastructure and the environment. The AT Osborne consultants and managers support strategic issues, a second opinion but also fully support a client’s investment project.

Target group /

Professional field

Housing, infrastructure and the environment.

Risk Management

Risk management does not seem to be a key issue at AT Osborne. In 2007, however, AT Osborne did publish a book: Managing uncertainties - Risks and opportunities of large (construction) projects.

Requirements

N/a

URL

http://www.atosborne.nl/publicaties/managen%20van%20onzekerheden.%20risico's%20en%20kansen%20bij%20grote%20projecten



Nr.7

Organization

Deloitte

Country

The Netherlands

Goal of the organization

Accountancy and Consultancy

Target group /

Professional field

Broad

Risk Management

Deloitte has a service offering for risk management and control, including Control Assurance, Quality and Integrity of Data, Process and System Risks, Project Risks and Strategic Risk Management.

Requirements

N/a

URL

http://www.deloitte.com/dtt/section_node/0,1042,sid%253D16138,00.html


Nr.8

Organization

AON

Country

The Netherlands

Goal of the organization

Risk consulting and insurance

Target group /

Professional field

Broad

Risk Management

AON has a service offering for risk management including a variety of ICT tools.

Requirements

N/a

URL

http://www.aon.com/nl/nl/risicomanagement/default.jsp/$FILE/Training_Derivaten_en_Risicomanagement.pdf


Nr.9

Organization

KPMG

Country

The Netherlands

Goal of the organization

Accountancy and consultancy

Target group /

Professional field

Broad

Risk Management

(Thanks to the comprehensive site search facility): KPMG is active in risk management in various areas, e.g. in the public sector, financial sector, education, healthcare, fund raisers. It offers e.g. strategic risk management and pragmatic compliance risk management.

Requirements

N/a

URL

http://www.kpmg.nl/site.asp?id=362&process_mode=mode_search_start

APPENDIX 4 – Professional sources – International


Nr.1

Organization

Risk Management Institution of Australia (RMIA)

Country

Australia

Goal of the organization

Mission: To champion the concept of risk management as a legitimate business discipline in its own right. To foster and develop risk management professionalism and to firmly establish RMIA's position as the pre-eminent authority representing the discipline of risk management to industry, government, media and the community in the Asia Pacific region.


Objectives:

§To promote and further the interests of and advancement of the profession of risk management.

§To provide a forum for and to disseminate and exchange views, ideas and experience of the profession of risk management.

§To promote and support educational activities and research that provide professional development of the science, art, skills, attitudes and knowledge of risk management.

§To accredit education on risk management through associated companies and through institutions approved by and courses accredited by RMIA and to support development of risk management programs/courses through suitable tertiary education establishments.

§To support accrediting bodies for risk management education.

§To form, assist or maintain risk management-related libraries and archives including internet and electronic resources for the use of members and others.

§To co-operate or affiliate with organisations having similar objectives.

§To assess members applying for CPRM designation.

§To provide a means for testing qualifications of members applying to RMIA to use post nominals.

§To provide examinations or other tests for people seeking the issue or renewal of a license to use the CPRM designation.

§To monitor and review professional activities of RMIA members for continued compliance with its membership and license criteria.

Target group /

Professional field

Certified Practicing Risk Manager: You are likely to be responsible for the

enterprise risk management system of your organization and have responsibility

for and/or demonstrated knowledge and understanding of:

• corporate governance and accountability frameworks

• risk management frameworks

• risk management information systems

• whole of organization management of risk advice

• internal controls (e.g. internal and compliance auditing)

• strategic planning, business improvement planning

• strategic advisory services; and

• business continuity management.


Certified Risk Management Technician: focused on managers of risk and/or specialist practitioners starting the transition to more senior roles. The areas of technical skill or risk specialization may include but are not limited to:

• workplace health and safety

• education and training

• insurance, banking and finance

• security

• defense

• emergency services

• fraud, theft and other loss controls

• facilities and infrastructure

• fire prevention and control

• hospitality and tourism

• environmental management

• transport and distribution services

• retail sector

• manufacturing sector

• resource sector

• public

• local government

• telecommunications; and

• information security.

REQUIREMENTS

General

--

Academic

--

Profession

Competency 1: Apply and promote risk management philosophy, principles and concepts.

With the growth of risk management as a discipline, it is important for a CPRM to have clearly defined concepts, philosophies and principles upon which their work is based. This unit of competency is designed to demonstrate the broad scope of risk management application and is focused on mapping relationships with other disciplines, programs or initiatives. This competency targets the philosophical underpinning of thinking on risk management and will influence the application of competency 2.


Competency 2: Select and utilise risk management processes, terminology, methods, tools and techniques.

This competency highlights an applicant’s use of structured processes, methodologies and techniques required to identify and communicate risk information. It is expected that applicants' use of risk management processes, techniques and methods extends beyond that detailed in AS/NZS 4360 and may include the design and development of supporting processes, tools or techniques. The aim of this unit of competency is to provide confidence that a CPRM can select, advise and apply quality risk processes to communicate risk information in an effective manner.

Competency 3: Develop and implement risk management frameworks, programs and systems.

A CPRM needs to be equipped to advise on the establishment, implementation and improvement of risk management frameworks, programs and systems to aid organisations. The scope of this competency extends to engaging top level support, identifying risk management needs and requirements, development of risk management policy and procedures, development and implementation of appropriate risk management systems, risk management training, promotion, education, organisational risk reporting, audit and evaluation and measuring performance of risk management regimes.

   

Competency 4: Facilitate the development of an organisational risk culture 

A CPRM is expected to contribute to and assist in bringing change in the way organisations approach the management of risk. A CPRM may be viewed as a change driver and may be responsible for developing the risk culture of the organisation. This competency focuses on the elements required to achieve cultural development and may extend to creating an environment which will influence behaviour toward risk which will in turn shape a culture. 


Competency 5: Demonstrate attributes of a CPRM

To be effective in applying the risk management body of knowledge, applicants are to demonstrate they possess a collection of specific attributes. The CPRM applicant is to demonstrate at least 10 of the attributes indicated and provide evidence of these characteristics. The attributes include a CPRM’s ability to communicate, analyse, influence, lead, challenge, facilitate and motivate.

Other




Nr.2

Organization

Risk and Insurance Management Society (RIMS)

Country

USA

Goal of the organization

The Risk and Insurance Management Society, Inc. (RIMS) is a not-for-profit organization dedicated to advancing the practice of risk management, a professional discipline that protects physical, financial and human resources. Founded in 1950, RIMS represents nearly 4,000 industrial, service, nonprofit, charitable, and governmental entities. The Society serves over 10,000 risk management professionals around the world. Mission: The Risk and Insurance Management Society, Inc. (RIMS) serves its members by proactively providing the highest quality products, services and information to manage risk effectively.

Target group /

Professional field

Essentially the risk manager helps protect his or her organization both internally and externally from things that threaten its integrity. That includes the property, the assets, and the people. Applying the risk management model of risk identification, assessment, measurement, mitigation and monitoring to the satisfaction of management and governance makes risk management a vital corporate function.

REQUIREMENTS

General

CONCEPTUAL SKILLS

This is the strategic layer which requires the ability to understand all the organization’s activities, how the pieces fit together, and how the organization can achieve its strategic goals. These skills include the ability to adopt a horizontal, portfolio approach of ERM.


These skills include:

Planning: Determine appropriate goals for an enterprise; goal oriented; sees the big picture; maintains a global perspective.

Organizing: Create an ERM department; staffing; build relationships with other stakeholders; create a risk management culture; leverage diversity.

Decision Making: Recognize and analyze problems and make difficult choices under uncertain conditions in dynamic global environments; use benchmarking to compare appropriate data; show good judgment.

Management Process: Know the basic five step management process of creating a program, analyzing opportunities, identifying solutions, the decision process, and system administration.

Ethical Judgment: Know ethical theories; demonstrates a high level of ethical behavior - as evidenced by compliance with the fiduciary duties of care (competency and due diligence), disclosure (transparency), and loyalty.

Organizational Architect: Able to build business relationships, strategic alliances, and partnerships as well as being able to secure mutual benefit from such arrangements..

Strategic Thinking: Employ a sense of vision to create new innovative concepts, products, and solutions.

Academic

--

Profession

TECHNICAL SKILLS

This is the operational layer where many of the traditional duties and

specialized skills of risk managers come into play.

Risk Management Process: Understand risk management model; adapt a model to the organization’s needs; understand how risk creates value. Know the risk management process of creating a risk program, analyzing risks, identifying solutions, using a decision process, and system administration.

Risk Analysis: Link risk initiatives into critical business drivers; per form risk identification, measurement, and analysis applying statistical concepts; create valid risk forecasts; perform risk mapping and risk profiling; determine the cost of risk.

Risk Control: The ability to apply risk control theories to create prevention, reduction, enablement, and enhancement tactics; can create emergency response and business continuity plans.

Risk Financing: Thoroughly understand risk retention plans and risk financing transfers, including insurance, alternative risk financing, and hybrid plans; prepare allocation to cost centers.

Enterprise Risk Management (ERM): Understand the techniques and processes for optimizing risk taking decisions with in an organization.

Project Management: Understand how to successfully design and implement projects; can prepare risk management reports.

Insurance Knowledge: Understand the basics of 1) contract provisions and legal doctrines; 2) claims management; create portfolios of and place insurance coverage; be knowledgeable of global insurance markets; pricing; risk aversion; regulation; and able to negotiate, write and renew insurance contracts.

Vendor Relations: Establish and maintain agent/broker relationships; develop other vendor relationships (third party administrator (TPA), RMIS, legal, safety, etc.).

Risk Management Information Systems (RMIS): Implement and operate comprehensive RMIS and claims management systems.


CORE COMPETENCY SKILLS

These form the basis upon which all competent managers stand. These skills are sometimes considered the “soft” interpersonal or personal skills, but they are also in fact the basic business

management skills.


Interpersonal:

Leadership: Ability to influence others’ behavior toward the enterprise’s goals; having a high emotional intelligence; can build trust while maintaining confidentiality.

Motivator: Ability to inspire others to pursue the enterprises objectives.

Negotiations: Ability to listen and to manage conflicts and achieve compromise while meeting meaningful goals and respecting other parties’ perspectives.

Consensus Builder: Ability to merge many ideas into a cohesive plan.

Team Builder: Ability to unify workers to achieve a common goal.

Personal:

Motivated: Inspired to succeed and the ability to help others achieve their goals as well as being driven to deliver on goals. Innovative: Ability to be creative and inquisitive; seek new solutions to challenges; and able to be adaptable, flexible, and open to change.

Experienced: Possesses adequate practical experience in appropriate disciplines.

Communication: Ability to listen and understand others’ points of view and to articulate tactfully and respectfully one’s own perspective orally, in writing, and in presentations.

Consultative: Ability to advise the organization’s various divisions on how they can manage their particular risks.

Business Skills:

Accounting: Understand the basic accounting concepts of transaction recognition, matching, and conservatism, and the ability to prepare financial reports.

Economics: Understand micro and macro-economics, demand and supply, equilibriums, income, employment, and fiscal policies, money and banking, and resource allocation.

Finance: Know capital structuring, capital budgeting, working capital management, analyzing financial statements, ratio analysis, the time value of money, portfolio theory, capital market transfers, asset/liability matching and financial engineering.

Legal: Understand the legal components of the risk management industry.

Compliance: Know the fiduciary duties to identify, disclose, and manage an organization’s risks.

Human Resource: Understand labor demand and supply, employment process, diversity management, training and development, and compensation and benefits.

Management: Plan, organize, lead, control, and allocate resources.

Information Technology: Understand the essential components and requirements so as to assist in designing an RMIS;networking.

Marketing: Know market SWOT (Strengths, Weaknesses, Opportunities, and Threats) analysis, product development, pricing, packaging, promotions, and distribution; keep up with key industry trends and developments; know key customers and competitors; know how to differentiate their organization from competitors.

Operations: Knowledge of how a business functions, process design, capacity planning and scheduling, inventory management, and quality control.

Statistics: Understand data collection, description, modeling, probability, hypothesis testing, regression, time series analysis, decision analysis, trend analysis, and forecasting.

Security: Securing the physical assets and premises of the enterprise. Ensuring personal security of staff as well as ensuring of intellectual property and data management systems.

Safety: Protecting the physical well-being of personnel against work-related accidents, injuries, or other debilitations.

Audit: Review the accuracy of an organization’s internal control systems and financial operations.

Other

--









Nr.3

Organization

Public Risk Management Association (PRIMA)

Country

USA

Goal of the organization

A: PRIMA will be its members’ primary indispensable resource for risk

management education programs, products and services and a source for

positive experiences.

B: PRIMA will be the recognized risk management resource for the public sector

C: PRIMA will be innovative in enhancing the relationship among PRIMA, its

membership and its corporate partners.

Target group /

Professional field

--

REQUIREMENTS

General

--

Academic

--

Profession

Core Competencies in Detail


Competency Area One: Introduction of Core Competencies

Competence: PRIMA has identified as an important competency. A demonstrable

awareness and knowledge of the history of risk management and insurance, especially as it bears on the specific practice of risk management in the public sector.


Purpose of Competence: Competency Area One provides managers with a general

perspective and insight that influences all aspects of their approach to risk management.


Competence Criteria: A risk manager, or individuals with risk management

responsibilities, should have an understanding of:

Knowledge of the history of risk management.

Specific knowledge of the history of risk management in a public sector setting and specific issues pertaining there to.

Specific knowledge of insurance, and insurance markets, pooling, and alternative risk financing programs and their relationship and influence on the public sector.

An awareness of traditional risk management's relationship to other relevant fields, such as occupational health and safety, finance, audit, law, and operations—and those fields' influence on the development of risk management.

Knowledge of existing guidelines and standards (such as Committee of Sponsoring

Organizations of the Treadway Commission—COSO—and the International

Organization for Standardization--ISO) that influence the external evaluation of risk management practices.


Demonstration of Competence: Possible demonstrations of competence include:

Successful completion of PRIMA Institute, Association in Risk Management (ARM) or Risk Management in Public Entities (RMPE).

Evidence of an understanding of background and context issues seen in the production of reports or strategies employed.

Activity (such as research, articles, reports) illuminating the history of, or developments in, public sector risk management.


Competency Area Two: Risk Management Core Knowledge

Competence: PRIMA has identified a core of technical risk management competencies that are deemed to be essential to effective risk management practice. They are 1) risk identification and assessment, 2) risk control, 3) risk financing, 4) law and legal principles, and 5) risk management program administration.


Purpose of Competence: Competency Area Two will provide managers with substantive knowledge of the technical tools of the field of risk management.


Competence Criteria: A risk manager, or individuals having risk management

responsibility, should have knowledge of:

Goal setting for risk management.

Risk communication tools and techniques.

Risk assessment tools, techniques and strategies.

Risk control measures and the methodologies and tools necessary to implement such measures.

Methods for evaluating the effectiveness of risk control measures.

The legal environment and its relationship to the risk environment.

Ethical principles and standards in risk management.

Tools relevant to risk financing including insurance, banking arrangements, pooling, self-insurance, and alternative risk financing.

Catastrophe management and the rules and standards that are applicable to issues such as disaster recovery, homeland security, and emergency management.

Setting risk management policies and developing policy statements. Risk communication tools and techniques.

Program review, monitoring and audit methods.


Purpose of Competence: It is expected that competency area two will provide managers with substantive knowledge of the technical tools of the field of risk management.


Demonstration of Competence: Possible measures of performance include:

Completion of relevant university-level course work and examination or evaluation.

Evidence that risk management principles and techniques are employed by the manager(s) in question.

Commendations or external recognition and validation of risk management efforts (awards, letters of recognition, external reviews, 360 degree reviews).

Other degrees, certifications, and programs of study (ARM, RMPE, and PRIMA Institute).


Competency Area Three: Public Administration Knowledge

Competence: PRIMA has determined that effective risk managers possess competency in understanding basic public administration concepts, issues, and practices. Those deemed core competencies are public administration processes and operations. Below are the competency areas with sub-topics viewed as essential to effective risk management.


Purpose of Competence: Competency Area Three will provide managers with an

understanding of the public sector context, the specific political and managerial issues

therein, and the relationship of these environmental factors on the practice of risk

management.


Competence Criteria: A risk manager, or individuals having risk management

responsibility, should have knowledge of:

General principles of public administration.

Specific administrative processes such as public budgeting, financial management, audit and accounting, human resources/employee relations, procurement, and legislative procedures.

Political processes, dynamics, and policymaking.

Governmental Public law.

Principles of organization behavior, including strategies for effective public leadership and management.

The scope of public activities and services, and issues pertaining to those activities

Demonstration of Competence: Possible measures of performance could include:

Completion of non-degree coursework with examination or evaluation (PRIMA Institute, ARM, and RMPE) would partly fulfill this competence area.

Evidence that knowledge of public administration positively influences the effectiveness of programmatic risk management efforts.

Evidence provided by external evaluators that the manager's knowledge of public administration demonstrably leads to effective risk management.

Other degrees and certifications in the field of public administration (undergraduate Bachelor of Arts/Sciences diploma, Masters Degree in Public Administration—MPA, Masters Degree in Business Administration—MBA, or Masters of Science in Risk Management—MSc).


Competency Area Four: General Management Knowledge and Skills

Competence: PRIMA has identified certain general managerial skills and knowledge to be part of risk management core competencies. They are 1) communication skills, 2) education and training techniques, 3) leadership skills, 4) critical thinking skills, 5) decision making skills, and 6) general management skills. Below are the competency areas with the sub-topics PRIMA deems essential.


Purpose of Competence: Competency Area Four will provide managers with a general foundation of skills and knowledge that enable them to understand general principles of management and leadership and apply those skills and knowledge to public risk management.


Competence Criteria: A risk manager, or individuals having risk management

responsibility, should have knowledge of and competency in:

Effective communication skills (listening, written, oral, negotiation).

Education and training principles and practices.

Leadership skills such as coalition building, team building, workplace ethics, mentoring, planning and influencing, and organizing.

Knowledge of organizational systems.

Critical thinking tools, strategies and principles.

Decision-making tools and techniques such as cost benefit analysis, Program Evaluation Review Technique (PERT) analysis, decision trees, Monte Carlo analysis, benchmarking and best practices.

General management principles applying to marketing, operations, budgeting and planning, program development, labor relations, contract management, and customer relations management.


Purpose of Competence: It is expected that competency area four will provide managers with a general foundation of skills, knowledge and abilities that enable them to understand general principles of management and leadership and apply those skills, knowledge and abilities to public risk management.


Demonstration of Competence: Possible measures of performance could include:

Completion of non-degree certifications within specific subject areas (example: computer software courses, project management seminar) with examination or evaluation.

Evidence that knowledge of management tools and techniques positively influences the effectiveness of programmatic risk management efforts.

Evidence provided by external evaluators that the manager's skillfulness demonstrably leads to effective risk management.

Other degrees and certifications in the field of management (undergraduate or graduate).


Competency Area Five: Information Technology

Competence: PRIMA has identified “knowledge of information technology principles

and applications” to be a core attribute of a public risk manager. This includes both an

understanding of general concepts of information management and technical knowledge regarding specific information technology (IT) systems and applications.


Purpose of Competence: Competency Area Five will provide managers with knowledge and skills necessary to understand the basics of information management and to have sufficient skill in the uses of information technology and applications to enhance the manager's ability to practice effective risk management.


Competence Criteria: A risk manager, or individuals having risk management

responsibility, should have knowledge of:

General information management principles.

IT systems and current capabilities and applications relevant to risk management

Basic computer use skills


Purpose of Competence: It is expected that competency area five will provide managers with an awareness of the dynamics affecting their field and profession and will make them cognizant of emerging challenges, problems and opportunities.


Demonstration of Competence: Possible measures of performance could include:

Evidence of continuing education efforts.

Participation in/attendance at IT conferences, seminars and workshops.

External accreditation at community colleges, technical schools, colleges and universities or other private training programs.

Research, articles, and other publications related to information management and IT systems and applications.

Development of essential business reports using IT resources.


Competency Area Six: Future of Risk Management

Competence: PRIMA has identified “remaining current in one's field” to be a core attribute of a public risk manager. This includes an understanding not only of topical issues, but also of larger trends and developments in the field of risk management.


Purpose of Competence: Competency Area Six will provide managers with an awareness of the dynamics affecting their field and profession and will make them cognizant of emerging challenges, problems and opportunities.


Competence Criteria: A risk manager, or individuals having risk management

responsibility, should have knowledge of:

Current issues, trends, problems and challenges in public risk management.

Changing laws, rules, guidelines, and standards as they apply to public risk management.

New approaches, techniques and tools that can advance or improve current risk management practices.

Issues relevant to the risk management profession generally and the professional associations within that field.

Ethical standards of practice in the field of public risk management.


Purpose of Competence: It is expected that competency area five will provide managers with an awareness of the dynamics affecting their field and profession and will make them cognizant of emerging challenges, problems and opportunities.


Demonstration of Competence: Possible measures of performance could include:

Evidence of continuing education efforts.

Participation in/attendance at conferences, seminars and workshops.

External evaluation by peers and other colleagues.

Research, articles, and other publications related to current or future issues and topics.

Other

--