---

SCCE Compliance Risk Assessment and Management

We are actively monitoring attendance. At random times throughout this session, you will be prompted with a pop-up to confirm that you are still actively participating in the virtual session. You will not see the pop ups if you are in full screen mode or your pop-up blocker is on. In addition, make sure you are disconnected from any VPN as they can also cause interference and that you have a stable internet connection (hard line is always best).

Active attendance monitoring is only required if you will be requesting external CEUs for NASBA or CLE credits. If you only need Compliance Certification Board (CCB)^® CEUs, it is not required to participate in active monitoring.

---

Monday Agenda

Time	Session	Learning Objectives
9:00am – 10:15am CDT	Welcome and Introduction	Greg Triguba, Principal, Compliance Integrity Solutions • Identify the expectations for and value of compliance risk assessments • Define key terms and concepts associated with compliance risk management • Identify the key elements of a compliance risk management cycle • Identify key practice objectives, relationships, and frameworks that can be applied to the management of compliance risks
10:15am – 10:30am CDT	Break
10:30am – 11:45am CDT	Identification of Compliance Risks	Greg Triguba, Principal, Compliance Integrity Solutions • Identify compliance risks and define a risk universe • Classify and group identified compliance risks and create a risk inventory • Leverage risk identification methodologies to effectively identify and manage risk
11:45am – 12:30pm CDT	Mid-Conference Break
12:30pm – 2:00pm CDT	Assessing Severity	Gwendolyn Hassan, Compliance Officer/Counsel, In Transition • Identify and define the factors that comprise risk severity • Identify and implement different methods for assessing risk severity • Apply techniques for assessing the severity of compliance risks to real-world scenarios • Identify techniques for enhancing your risk assessment process using more advanced techniques
2:00pm – 2:15pm CDT	Break
2:10pm – 3:30pm CDT	Risk Appetite and Tolerance	Caroline McMichen, Strategic Advisor, SAI • Define risk appetite and tolerance • Understand how they are established by an organization and how they inform business strategy and objective-setting • Apply these concepts to compliance and ethics risks, risk management, and mitigation

Tuesday Agenda

Time	Session	Learning Objectives
9:00am – 10:30am CDT	Assessing Internal Controls over Compliance	Caroline McMichen, Strategic Advisor, SAI • Differentiate between the different types of internal controls • Differentiate between design and operating effectiveness of internal controls • Design and develop tests to measure the design and effectiveness of internal controls over compliance • Differentiate between monitoring and auditing of internal controls
10:30am – 10:45am CDT	Break
10:45am – 12:00pm CDT	Risk Response and Mitigation	Gwendolyn Hassan, Compliance Officer/Counsel, In Transition • Assess whether a response is necessary based on target and actual risk • Differentiate between preventive and detective controls over compliance • Design an appropriate response based on the results of a compliance risk assessment • Implement and follow up on a risk response plan
12:00pm – 12:45pm CDT	Mid-Conference Break
12:45pm – 1:45pm CDT	Completing the CRM Cycle	Caroline McMichen, Strategic Advisor, SAI • Identify the principles of ERM as defined by COSO and their role in the compliance and ethics risk management cycle • Identify and implement compliance and ethics program elements and actions that help an organization meet those objectives
1:45pm – 2:00pm CDT	Break
2:00pm – 3:00pm CDT	Final Considerations	Gwendolyn Hassan, Compliance Officer/Counsel, In Transition • Identify drivers of compliance risk in your organization • Identify and apply techniques for creating a risk-aware culture • Apply the concepts covered in this workshop to improve the compliance risk assessment and management processes in your organization

---

Speakers: