m_o_r syllabus 2010 v2.2
DESCRIPTION
영국 OGC의 리스크 관리 자격에 대한 상세 소개서TRANSCRIPT
Version 2.2 (Status - Live) Owner: Chief Examiner
© The APM Group Ltd 2010. This document is not to be reproduced or re-sold without express permission from The APM Group Ltd. M_o_R® is a Registered Trade Mark of the Office of Government Commerce in the United Kingdom and other countries. The Swirl logo™ is a Trade Mark of the Office of Government Commerce
M_o_R Syllabus December 2010
© The APM Group Ltd 2010. This document is not to be reproduced or re-sold without express permission from The APM Group Ltd
1 Introduction This document details the 2010 M_o_R syllabus produced to coincide with the refresh of the 2010 M_o_R Guide. In March 2011, a revised version of this document may be issued to correct errors and omissions. The M_o_R guide is intended to help organizations put in place an effective framework for risk management. This will help them make informed decisions about the risks that affect their strategic, programme, project and operational objectives. The guide provides a route map for risk management, bringing together principles, an approach, a process with a set of interrelated process steps, and pointers to more detailed sources of advice on risk management techniques and specialisms. It also provides advice on how the principles, approach and processes should be embedded, reviewed and applied differently depending on the nature of the objectives at risk. The primary purpose of the syllabus is to provide a basis for accreditation of people involved with risk management. It documents the learning outcomes related to the use of M_o_R, and describes the requirements a candidate is expected to meet to demonstrate that these learning outcomes have been achieved at each qualification level. M_o_R qualifications are currently offered are two levels: Foundation and Practitioner. The target audience for this document is:
• Exam Board • Exam Panel • Accredited Training Organizations
This syllabus informs the design of the exams and provides accredited training organizations with a more detailed breakdown of what the exams will assess. Details on the exam structure and content are documented in the M_o_R Foundation and Practitioner Designs.
2 Foundation Qualification
2.1 Purpose of the Foundation Qualification The purpose of the Foundation qualification is to confirm that a candidate is able to demonstrate a knowledge and comprehension of the four elements of the M_o_R framework:
• Principles • Approach • Processes • Embedding and reviewing
and how they support corporate governance. The Foundation qualification is also a pre-requisite for the Practitioner qualification.
2.2 Target Audience M_o_R Foundation is suitable for any organization or individual seeing the need for guidance on a controlled approach to identifying, analyzing and managing risk at strategic, programme, project and operational perspectives. The Foundation is aimed at
• Business Change Managers • Programme and Project Managers • Risk Managers • Business and Programme and Project Support staff and managers • Operational staff and managers • Staff and Managers from other disciplines, particularly those responsible for
establishing standards and /or integrating them with MSP and PRINCE2
© The APM Group Ltd 2010. This document is not to be reproduced or re-sold without express permission from The APM Group Ltd
2.3 High-level Performance Definition of a Successful Foundation Candidate At Foundation level, the candidate should understand the key principles and terminology within the M_o_R guidance. Specifically the candidate should:
• Know facts, terms and concepts relating to o M_o_R o The M_o_R principles o The M_o_R approach documents o The M_o_R process o The Embedding and reviewing of risk management into the culture of an
organization o The M_o_R perspectives o The M_o_R techniques o The M_o_R risk specialisms
• Understand how the following are used in M_o_R: o The Framework o The Principles and their main mechanisms o The Approach o The Process steps o The need for integrating risk management into the culture of an
organization o The Perspectives o The Techniques o The Risk specialisms
3 Practitioner Qualification
3.1 Purpose of the Practitioner Qualification The purpose of the Practitioner qualification is to confirm whether the candidate has achieved sufficient understanding of how to apply and tailor M_o_R in a scenario situation. Individuals should be able to demonstrate Foundation competencies and, with suitable direction, should be able to start applying the M_o_R framework to a particular organisational perspective, but may not be sufficiently skilled to do this appropriately for all situations. Their individual risk management expertise, complexity of the governance environment in place and the support provided for risk management in their work environment will all be factors that affect what the Practitioner can achieve.
3.2 Target Audience This qualification is aimed at anyone working within a corporate governance environment that has responsibilities for identifying, assessing, planning, or managing risks, or reporting on risk management activities across the organization.
3.3 High Level Performance Definition of a Successful Practitioner Candidate In addition to the knowledge and understanding from foundation, practitioner candidates should be able to:
© The APM Group Ltd 2010. This document is not to be reproduced or re-sold without express permission from The APM Group Ltd
• For a given scenario, identify, analyse and distinguish between appropriate and
inappropriate application of the o M_o_R framework o M_o_R principles o M_o_R approach documents o M_o_R process steps o Methods for Embedding and reviewing risk management o M_o_R framework elements at each perspective o M_o_R process techniques
• For a given scenario, apply and tailor the following when implementing risk management throughout an organization or updating the current risk management practices:
o M_o_R framework o M_o_R principles o M_o_R approach documents o M_o_R process steps o The techniques for Embedding and reviewing risk management o The M_o_R process techniques
4 Learning Outcomes Assessment Model A classification widely used when designing assessments for certification and education is the Bloom’s Taxonomy of Educational Objectives. This classifies learning objectives into six ascending learning levels, each defining a higher degree of competencies and skills. (Bloom et al, 1956, Taxonomy of Educational Objectives). APMG has adapted this into a four-step variation of the Bloom’s model (The APMG Learning Outcomes Assessment Model) which defines the standard for each qualification’s Learning Outcome Assessment Model. The Model is used as a basis for classifying learning outcomes when developing exam qualification schemes and syllabi. This structured approach helps to ensure:
• There is a clear delineation in learning level content between different qualification levels
• Learning outcomes are documented consistently across different areas of the guide
• Exam questions and papers are pitched consistently and appropriately for each of the learning levels
4.1 M_o_R Learning Outcome Assessment Model For M_o_R the four levels of learning outcomes are shown below. These learning outcomes are independent of the method used to assess whether a qualification level has been achieved.
© The APM Group Ltd 2010. This document is not to be reproduced or re-sold without express permission from The APM Group Ltd
M_o_R Learning Outcomes Assessment Model
1.Knowledge 2. Comprehension 3. Application 4. Analysis
Generic Definition from APMG Learning Outcomes Assessment Model
Know key facts, terms and concepts from the manual/guidance
Understand key concepts from the manual/guidance
Be able to apply key concepts relating to the syllabus area for a given scenario
Be able to identify, analyse and distinguish between appropriate and inappropriate use of the method/guidance for a given scenario situation
Qualification Learning Outcome Assessment Model
Know facts, including terms, concepts, principles, model types and components, tools, techniques, roles and responsibilities from the guidance. Specifically, recall facts and terminology relating to i. The nature of risk ii. Risk management as
part of corporate governance
iii. Principles iv. Approach v. Process and supporting
techniques vi. Embedding and
reviewing vii. Perspectives viii. Risk specialisms
Understand the concepts, principles, processes, themes, organizational factors and roles and can explain how these are applied to justify, implement and use an M_o_R approach at each perspective in the organization
Be able to demonstrate application of the M_o_R principles for each of the perspectives through: i. Creation of the
documents which define the approach
ii. Use of the process steps, supported by the techniques
iii. Use of methods to embed M_o_R and review its effectiveness
iv. Ability to relate the above to the risk specialisms
Be able identify, analyse and distinguish between appropriate and inappropriate use of M_o_R through appraisal of its application for a given scenario
© The APM Group Ltd 2010. This document is not to be reproduced or re-sold without express permission from The APM Group Ltd
5 Syllabus Presentation For each of the above learning levels, the syllabus defines the individual learning outcomes required for the qualification. Each learning outcome is then supported by a description of the requirements that a candidate is expected to meet to demonstrate that the learning outcome has been achieved at the qualification level indicated. These are shown as syllabus topics. All Foundation-level requirements are assumed to have been met for Practitioner-level and are not directly assessed again, although Foundation-level knowledge and understanding will be used when demonstrating Practitioner application and analysis learning outcomes. Each of the syllabus areas is presented in a similar format as follows: 1. Syllabus Area Unit of learning – e.g. a chapter of the manual/guidance
document.
2. Learning Outcome A statement of what a candidate will be expected to know, understand or do.
3. Level Classification of the learning outcome against the APMG Learning Outcomes Assessment Model.
4 Topic Description of what is required of the candidate to demonstrate that a learning outcome has been achieved at the qualification level indicated.
6 Syllabus Areas
Syllabus Area Code
Syllabus Area Title
IG Introduction & Glossary
PI Principles
AP Approach
PR Process
ER Embedding & Review
PE Perspectives
CT Common Techniques
RS Risk Specialisms
Notes: I. Questions based on a syllabus area may refer to material from other sections
of the M_o_R Guide II. The Practitioner Tools and Techniques syllabus area includes a reference to
The ABC Guide Part A – Techniques guide (hereafter known as the ABC Guide) which is available to candidates prior to and during the Practitioner Examination.
© The APM Group Ltd 2010. This document is not to be reproduced or re-sold without express permission from The APM Group Ltd
IG Introduction and Glossary (IG)
Foundation
Practitioner
Primary
Manual
Reference
Level Topic
Know facts, terms and concepts relating to M_o_R. Specifically to recall:
01 01 The drivers for increased focus on risk management, corporate governance and internal control as a result of legislation and increased focus on formal risk management.
1.5 1.6
01 02 Definitions of the terms used in the M_o_R framework, risk management and Corporate governance:
1. Risk 2. Issue 3. Probability 4. Impact 5. Threat 6. Opportunity 7. Risk management 8. Risk exposure 9. Corporate governance 10. Internal control
1.1 – 1.8, Glossary
01 03 Concepts: 1. The main elements of the M_o_R framework (Principles,
Approach, Process and Embedding and reviewing) 2. The actions needed for effective risk management (identify,
assess, control) 3. The benefits of risk management 4. Where (which perspective) and when to apply risk
management e.g. when critical decisions are being made
1.1 - 1.4, 1.7 – 1.8
Understand how the M_o_R framework is used. Specifically to identify:
02 01 The purpose of each of the elements of the M_o_R framework
1.1
02 02 The differences between corporate governance, internal control and risk management 1.5, 1.6
02 03 How decisions about risk vary depending on whether the organizational objectives are:
1. Long-term 2. Medium-term, or 3. Short-term
1.7
02 04 How risk management supports better decision-making 1.7
02 05 The inter-relationship between corporate governance and internal controls 1.5, 1.6
02 06 How effective risk management is likely to improve performance against objectives 1.4
© The APM Group Ltd 2010. This document is not to be reproduced or re-sold without express permission from The APM Group Ltd
IG Introduction and Glossary (IG)
Foundation
Practitioner
Primary
Manual
Reference
Be able to apply the M_o_R framework when implementing risk management throughout an organization or updating the current risk management practices for a given scenario. Specifically to:
03 01 Identify the benefits from implementing or improving on risk management 1.4
© The APM Group Ltd 2010. This document is not to be reproduced or re-sold without express permission from The APM Group Ltd
PI M_o_R Principles (PI)
Foundation
Practitioner
Primary
Manual
Reference
Level Topic
Know the facts, terms and concepts relating to the M_o_R principles. Specifically to recall:
01 01 That the principles are informed by corporate governance principles and ISO31000:2009 2.1
01 02 Definitions of the terms used in the principles: 1. Risk capacity 2. Risk appetite 3. Risk tolerance 4. Escalation 5. Key performance indicators 6. Early warning indicators 7. Risk management health check 8. Risk management maturity model
2.2 – 2.9, Glossary
01 03 Concepts 1. The eight M_o_R principles 2. The seven principles that enable risk management 3. The principle that results from implementing risk
management well 4. The main mechanisms that support each principle, e.g. KPIs,
EWIs, tolerance etc
2.1 2.1 2.1 2.2 – 2.9
Understand how the M_o_R principles are used and the main mechanisms, e.g. appetite, capacity, tolerance, EWI, KPI etc, that support them. Specifically to identify:
02 01 The purpose of each of the M_o_R principles 2.2 – 2.9
02 02 The primary outcome from satisfying each of the principles 2.2. – 2.9
02 03 How the principles support corporate governance and internal control 2.1
02 04 The differences between the main mechanisms that support each principle 2.2 – 2.9
02 05 How the principles provide the foundation for scalable and context-specific practices to be developed and refined 2.2 – 2.9
Be able to apply the relevant M_o_R principles when implementing risk management throughout an organization or updating the current risk management practices for a given scenario. Specifically to identify how the M_o_R principles:
03 01 Support corporate governance and internal controls 2.1 – 2.9
© The APM Group Ltd 2010. This document is not to be reproduced or re-sold without express permission from The APM Group Ltd
AP M_o_R Approach (AP)
Foundation
Practitioner
Primary
Manual
Reference
Level Topic
Know the facts, terms and concepts relating to the M_o_R approach documents. Specifically to recall:
01 01 Definition of the terms used in the M_o_R approach documents (risk management policy, risk management process guide, risk management strategy, risk register, issue register)
3.1 – 3.11
01 02 Concepts: 1. The central set of M_o_R approach documents:
a. Risk management policy b. Risk management process guide c. Risk management strategies for each organizational
activity 2. The categories of supporting documents:
a. Records b. Plans c. Reports
3. The documents in the supporting categories: a. Records – risk register, issue register b. Plans – risk improvement plan, risk communication
plan, risk response plan c. Reports – risk progress reports
4. The concept of a hierarchy of approach documents
3.1 – 3.11
Understand the contents of the M_o_R approach documents, how the approach documents relate to the principles and how they are applied throughout the M_o_R framework. Specifically to identify:
02 01 The purpose of each of the documents 3.2 – 3.10
02 02 The recommended contents of: 1. Risk management policy 2. Risk management process guide 3. Risk management strategies for each organizational activity 4. Risk register
3.2– 3.5, Appendix A
02 03 The difference and relationship between risk owner and risk actionee Glossary
02 04 The difference between issues and risks Glossary
02 05 The difference between cause, event and effect when expressing a risk Appendix B.3.9
02 06 The recommended contents of: 1. Issue register 2. Risk improvement plan 3. Risk communication plan 4. Risk response plan 5. Risk progress report
Appendix A
02 07 The relationship between the M_o_R approach documents 3.11
© The APM Group Ltd 2010. This document is not to be reproduced or re-sold without express permission from The APM Group Ltd
AP M_o_R Approach (AP)
Foundation
Practitioner
Primary
Manual
Reference
02 08 The factors that should be considered in the creation of the M_o_R approach documents 3.1 – 3.11
© The APM Group Ltd 2010. This document is not to be reproduced or re-sold without express permission from The APM Group Ltd
PR M_o_R Processes (PR)
Foundation
Practitioner
Primary
Manual
Reference
Level Topic
Know the facts, terms and concepts of the M_o_R process. Specifically to recall:
01 01 Facts: 1. That M_o_R is aligned with the Orange book 2. That M_o_R is an iterative process
4.1
01 02 Definitions of the following terms used in the process steps and sub-steps:
1. Probability (inherent and residual) 2. Impact (inherent and residual) 3. Proximity 4. Expected value 5. Secondary risks 6. Risk owner 7. Risk actionee 8. Stakeholder
4.1 – 4.9, Glossary
01 03 Concepts: 1. The steps in the M_o_R process 2. The common terminology used to describe each step 3. The sub-steps in the Identify and Assess steps 4. The common process barriers to success in implementing the
risk management process 5. The sequence of the steps 6. The techniques recommended for first use in each step
4.1, 4.2, 4.4 – 4.9
Understand how the M_o_R process steps are used to identify, assess and control risk. Specifically to identify:
02 01 The purpose or goal of each process step and sub-step 4.4 – 4.9
02 02 For each sub-step: 1. Inputs 2. Tasks 3. Techniques 4. Outputs
4.4 – 4.9
02 03 The part played by communications throughout the process 4.3
02 04 In which process steps the M_o_R approach documents are developed, used or updated
4.3 – 4.9
02 05 Stakeholders and their importance to the identification, assessment and control of risk 4.4
02 06 The relationship between the process barriers and other aspects of M_o_R, e.g. Embedding and reviewing and health checks 4.2
02 07 The common process barriers to the implementation of risk management 4.1
© The APM Group Ltd 2010. This document is not to be reproduced or re-sold without express permission from The APM Group Ltd
PR M_o_R Processes (PR)
Foundation
Practitioner
Primary
Manual
Reference
02 08 The difference between inherent, secondary and residual risks Appendix A.4.1, Glossary
© The APM Group Ltd 2010. This document is not to be reproduced or re-sold without express permission from The APM Group Ltd
ER Embedding and reviewing (ER)
Foundation
Practitioner
Primary
Manual
Reference
Level Topic
Know the facts, terms and concepts relating to Embedding and reviewing of risk management into the culture of an organization. Specifically to recall:
01 01 Definitions of terms used in Embedding and reviewing the implementation of risk management 5.1 – 5.6
01 02 Concepts: 1. The methods for assessing the success of embedding risk
management 2. The common barriers to success in implementing risk
management 3. The ways to review how well risk management has been
embedded
5.2, 5.5, 5.2, Appendix C, Appendix D
Understand the need for integrating risk management into the culture of an organization. Specifically to identify:
02 01 The purpose of Embedding and reviewing risk management 5.1
02 02 The purpose of a risk management health check 5.2, Appendix C
02 03 The purpose of a risk management maturity model 5.2, Appendix D
02 04 The methods to measure success in implementing risk management 5.4
02 05 The difference between a risk management health check and a risk management maturity model
5.2, Appendix C, Appendix D
02 06 The methods for obtaining and developing senior management commitment and support
5.5
02 07 The methods for building and developing a risk-aware organizational culture
5.5
02 08 The risk review and trigger points as opportunities for change 5.6
02 09 Issues relating to Embedding and reviewing risk management 5.1, 5.3, 5.5
Be able to apply and tailor the techniques for Embedding and reviewing risk management when implementing or updating risk management for a given scenario. Specifically to identify :
03 01 How to apply methods for obtaining and developing senior management commitment and support 5.5
03 02 How to apply methods for building and developing a risk-aware culture 5.5
© The APM Group Ltd 2010. This document is not to be reproduced or re-sold without express permission from The APM Group Ltd
PE Perspectives (PE)
Foundation
Practitioner
Primary
Manual
Reference
Level Topic
Know the facts, terms and concepts of the M_o_R perspectives. Specifically to recall:
01 01 Definitions of terms used in the perspectives 1. Contingency 2. Enterprise Risk Management (ERM) 3. Central Risk Function
6.1 – 6.8
01 02 Concepts: 1. The four M_o_R perspectives 2. The relationship between the perspectives and long-,
medium- and short-term organizational objectives 3. The typical objectives at each perspective
6.1 – 6.5, 6.7, 6.8
01 03 The risk management roles and responsibilities 6.8
Understand how the M_o_R perspectives are used. Specifically to identify:
02 01 For the Strategic perspective: 1. Introduction (section 6.1) - The reasons for the perspective 2. Fits the context principle - The types of risk and focus of
concern 3. Fits the context principle - The typical areas of uncertainty 4. Engages stakeholders principle - The interests of
stakeholders 5. Provides clear guidance principle and section 6.8 - The risk
management roles and responsibilities
6.1, 6.2, 6.8
02 02 For the Programme perspective: 1. Introduction (section 6.1) - The reasons for the perspective 2. Fits the context principle - The types of risk and focus of
concern 3. Fits the context principle - The typical areas of uncertainty 4. Engages stakeholders principle - The interests of
stakeholders 5. Provides clear guidance principle and section 6.8 - The risk
management roles and responsibilities
6.1, 6.3, 6.8
02 03 For the Project perspective: 1. Introduction (section 6.1) - The reasons for the perspective 2. Fits the context principle - The types of risk and focus of
concern 3. Fits the context principle - The typical areas of uncertainty 4. Engages stakeholders principle - The interests of
stakeholders 5. Provides clear guidance principle and section 6.8 - The risk
management roles and responsibilities
6.1, 6.4, 6.8
© The APM Group Ltd 2010. This document is not to be reproduced or re-sold without express permission from The APM Group Ltd
PE Perspectives (PE)
Foundation
Practitioner
Primary
Manual
Reference
02 04 For the Operational perspective: 1. Introduction (section 6.1) - The reasons for the perspective 2. Fits the context principle - The types of risk and focus of
concern 3. Fits the context principle - The typical areas of uncertainty 4. Engages stakeholders principle - The interests of
stakeholders 5. Provides clear guidance principle and section 6.8 - The risk
management roles and responsibilities
6.1, 6.5, 6.8
02 05 The purpose of integrating risk management across the perspectives 6.7
02 06 The performance and process measures of value enabled by risk management 6.6
02 07 The relationship between the perspectives 6.2 – 6.5
Be able to apply and tailor the M_o_R framework to organizational perspectives when implementing or updating risk management for a given scenario. Specifically to:
03 01 For the Strategic perspective: 1. Identify and justify how application of the M_o_R framework
supports corporate governance and internal controls 2. Identify whether clear objectives are set, and stakeholders
are identified and engaged with their views on risks and objectives understood
3. Identify the content, risk information required for decision-making and actions to be taken when producing and tailoring the M_o_R approach documents
4. Apply the tasks and techniques in the M_o_R process steps and sub-steps from the information provided
5. Apply the methods for embedding and reviewing risk management
6. Assign the risk management roles and responsibilities to scenario roles
7. Apply methods to identify performance and measure success in implementing risk management, including: a. How to apply a risk management health check to an
organizational activity b. Analysis of a report produced as a result of performing a
risk management health check on an organizational activity
c. How to apply a risk management maturity model to an organizational activity
d. Analysis of a report produced as a result of applying a risk management maturity model to an organizational activity
8. Identify the need to escalate (and delegate) risks between perspectives, that this is connected to the setting of tolerance thresholds, and that this may be done via Risk reports
9. Whether an M_o_R process technique has been applied
4.4 – 4.8, 6.2, 6.8, Appendix A
© The APM Group Ltd 2010. This document is not to be reproduced or re-sold without express permission from The APM Group Ltd
PE Perspectives (PE)
Foundation
Practitioner
Primary
Manual
Reference
correctly as described in both the M_o_R Guide and the ABC Guide
03 02 For the Programme perspective: 1. Identify and justify how application of the M_o_R framework
supports corporate governance and internal controls 2. Identify whether clear objectives are set, and stakeholders
are identified and engaged with their views on risks and objectives understood
3. Identify the content, risk information required for decision-making and actions to be taken when producing and tailoring the M_o_R approach documents
4. Apply the tasks and techniques in the M_o_R process steps and sub-steps from the information provided
5. Apply the methods for embedding and reviewing risk management
6. Assign the risk management roles and responsibilities to scenario roles
7. Apply methods to identify performance and measure success in implementing risk management, including: a. How to apply a risk management health check to an
organizational activity b. Analysis of a report produced as a result of performing a
risk management health check on an organizational activity
c. How to apply a risk management maturity model to an organizational activity
d. Analysis of a report produced as a result of applying a risk management maturity model to an organizational activity
8. Identify the need to escalate (and delegate) risks between perspectives, that this is connected to the setting of tolerance thresholds, and that this may be done via Risk reports
9. Whether an M_o_R process technique has been applied correctly as described in either the M_o_R Guide and the ABC Guide
4.4 - 4.8, 6.3, 6.8, Appendix A
03 03 For the Project perspective: 1. Identify and justify how application of the M_o_R framework
supports corporate governance and internal controls 2. Identify whether clear objectives are set, and stakeholders
are identified and engaged with their views on risks and objectives understood
3. Identify the content, risk information required for decision-making and actions to be taken when producing and tailoring the M_o_R approach documents
4. Apply the tasks and techniques in the M_o_R process steps and sub-steps from the information provided
5. Apply the methods for embedding and reviewing risk management
6. Assign the risk management roles and responsibilities to
4.4 - 4.8, 6.4, 6.8, Appendix A
© The APM Group Ltd 2010. This document is not to be reproduced or re-sold without express permission from The APM Group Ltd
PE Perspectives (PE)
Foundation
Practitioner
Primary
Manual
Reference
scenario roles 7. Apply methods to identify performance and measure
success in implementing risk management, including: a. How to apply a risk management health check to an
organizational activity b. Analysis of a report produced as a result of performing a
risk management health check on an organizational activity
c. How to apply a risk management maturity model to an organizational activity
d. Analysis of a report produced as a result of applying a risk management maturity model to an organizational activity
8. Identify the need to escalate (and delegate) risks between perspectives, that this is connected to the setting of tolerance thresholds, and that this may be done via Risk reports
9. Whether an M_o_R process technique has been applied correctly as described in both the M_o_R Guide and the ABC Guide
03 04 For the Operational perspective: 1. Identify and justify how application of the M_o_R framework
supports corporate governance and internal controls 2. Identify whether clear objectives are set, and stakeholders
are identified and engaged with their views on risks and objectives understood
3. Identify the content, risk information required for decision-making and actions to be taken when producing and tailoring the M_o_R approach documents
4. Apply the tasks and techniques in the M_o_R process steps and sub-steps from the information provided
5. Apply the methods for embedding and reviewing risk management
6. Assign the risk management roles and responsibilities to scenario roles
7. Apply methods to identify performance and measure success in implementing risk management, including: a. How to apply a risk management health check to an
organizational activity b. Analysis of a report produced as a result of performing a
risk management health check on an organizational activity
c. How to apply a risk management maturity model to an organizational activity
d. Analysis of a report produced as a result of applying a risk management maturity model to an organizational activity
8. Identify the need to escalate (and delegate) risks between
perspectives, that this is connected to the setting of tolerance
4.4 - 4.8, 6.5, 6.8, Appendix A,
© The APM Group Ltd 2010. This document is not to be reproduced or re-sold without express permission from The APM Group Ltd
PE Perspectives (PE)
Foundation
Practitioner
Primary
Manual
Reference
thresholds, and that this may be done via Risk reports 9. Whether an M_o_R process technique has been applied
correctly as described in both the M_o_R Guide and the ABC Guide
Be able to identify, analyse and distinguish between appropriate and inappropriate application of the M_o_R framework elements at each perspective for a given scenario Specifically to analyse:
04 01 At the Strategic perspective: 1. Performance and process measures enabled by risk
management 2. The M_o_R approach documents and whether any of them
contain errors or omissions 3. The application of the M_o_R process and its suitability for
supporting corporate governance and internal controls 4. The methods for measuring the success of implementing risk
management 5. Assignment of risk management responsibilities to scenario
roles 6. The identified perspective performance and process
measures enabled by the M_o_R principles
3.2 – 3.10, 4.4 – 4.9, 5.2, 6.2, 6.6, 6.8, Appendix B, ABC Guide
04 02 At the Programme perspective: 1. Performance and process measures enabled by risk
management 2. The M_o_R approach documents and whether any of them
contain errors or omissions 3. The application of the M_o_R process and its suitability for
supporting corporate governance and internal controls 4. The methods for measuring the success of implementing risk
management 5. Assignment of risk management responsibilities to scenario
roles 6. The identified perspective performance and process
measures enabled by the M_o_R principles
3.2 – 3.10, 4.4 – 4.9, 5.2, 6.3, 6.6, 6.8, Appendix B, ABC Guide
04 03 At the Project perspective: 1. Performance and process measures enabled by risk
management 2. The M_o_R approach documents and whether any of them
contain errors or omissions 3. The application of the M_o_R process and its suitability for
supporting corporate governance and internal controls 4. The methods for measuring the success of implementing risk
management 5. Assignment of risk management responsibilities to scenario
roles 6. The identified perspective performance and process
measures enabled by the M_o_R principles
3.2 – 3.10, 4.4 – 4.9, 5.2, 6.4, 6.6, 6.8, Appendix B, ABC Guide
© The APM Group Ltd 2010. This document is not to be reproduced or re-sold without express permission from The APM Group Ltd
PE Perspectives (PE)
Foundation
Practitioner
Primary
Manual
Reference
04 04 At the Operational perspective: 1. Performance and process measures enabled by risk
management 2. The M_o_R approach documents and whether any of them
contain errors or omissions 3. The application of the M_o_R process and its suitability for
supporting corporate governance and internal controls 4. The methods for measuring the success of implementing risk
management 5. Assignment of risk management responsibilities to scenario
roles 6. The identified perspective performance and process
measures enabled by the M_o_R principles
3.2 – 3.10, 4.4 – 4.9, 5.2, 6.5, 6.6, 6.8, Appendix B, ABC Guide
© The APM Group Ltd 2010. This document is not to be reproduced or re-sold without express permission from The APM Group Ltd
CT Common Techniques (CT)
Foundation
Practitioner
Primary
Manual
Reference
Level Topic
Know the facts, terms and concepts of the M_o_R techniques. Specifically to recall:
01 01 Concepts: The techniques recommended for their first use in the:
1. Identify – context step 2. Identify – risks step 3. Assess - estimate step 4. Assess - evaluate step 5. Plan step 6. Implement step
Plus 7. The outputs from each technique
Appendix B
01 02 Definitions of the terms used in the techniques: 1. Risk descriptions 2. Risk response planning
Appendix B
Understand how the M_o_R techniques are used. Specifically to identify:
02 01 The purpose of each technique Appendix B
02 02 How each technique is used within the M_o_R process
Chapter 4, Appendix B
02 03 Benefits and limitations of each technique Appendix B
© The APM Group Ltd 2010. This document is not to be reproduced or re-sold without express permission from The APM Group Ltd
RS Risk Specialisms (RS)
Foundation
Practitioner
Primary
Manual
Reference
Level Topic
Know the facts, terms and concepts of the M_o_R risk specialisms. Specifically to recall:
01 01 Definitions of terms used in the risk specialisms: 1. Business Continuity Management 2. Disaster recovery 3. Incident management and crisis management
Appendix E
01 02 Concepts: 1. The list of risk specialisms 2. The scope of each specialism
Appendix E
Understand how the M_o_R risk specialisms are used. Specifically to identify:
02 01 The purpose of each risk management specialism
Appendix E
02 02 How the risk specialisms relate to each other
Appendix E
02 03 The relationships between the M_o_R framework and the risk specialisms
Appendix E
02 04 How the risk management specialisms contribute to good risk management
Appendix E