M_o_R is intended to help organisations put in place an effective framework for risk management. This will help them make informed decisions about the risks that affect their strategic, programme, project and operational objectives. The guide provides a route map for risk management, bringing together basic concepts, an approach, a process with a set of interrelated process steps, and pointers to more detailed sources of advice on risk management techniques and specialisms. It also provides advice on how the principles, approach and processes should be embedded, reviewed and applied differently depending on the nature of the objectives at risk.
This three day Management of Risk (M_o_R) course is designed to illustrate this best practice framework and give candidates an understanding of risk as it should be managed across an organisation. Within project and programme environments there will always be risk which needs to be identified, analysed and managed. Other areas of an organisation will also be exposed to risks as operational functions are carried out. M_o_R provides guidance on how best to deal with all these areas.
The Guide has been written by leading industry experts and is part of the ‘Swirl’ set of best practices managed by AXELOS, which includes ITIL, PRINCE2 & MSP methodologies. This training event is designed to prepare candidates to manage risks in a controlled and structured way by examining the M_o_R guide. Examinations are available during the event for candidates to achieve the Foundation level certification.
Syzygal is a globally Accredited Training Organisation and Accredited Courseware Provider for the M_o_R education & certification program. We are accredited by the following Examination Institutes: APMG, EXIN, Loyalist and PEOPLECERT.
2. 2
The Management of Risk (M_o_R) framework is
intended to help organisations put in place an ef-
fective framework for risk management. This will help them
make informed decisions about the risks that affect organi-
sational strategic, programme, project and operational
objectives. The framework provides a route map for risk
management, bringing together principles, an approach,
a process with a set of interrelated steps and pointers
to more detailed sources of advice on risk management
techniques and specialisms. It also provides advice on how
these principles, approach and process should be embed-
ded, reviewed and applied differently depending on the
nature of the objectives at risk.
Some risk-taking is inevitable if an organisation is to
achieve its objectives. Those organisations that are more
risk aware appreciate that actively managing not only po-
tential problems (threats) but also potential opportunities
provides them with a competitive advantage.
TAKING AND MANAGING RISK IS THE VERY ESSENCE OF
BUSINESS SURVIVAL AND GROWTH.
Risk has always been an inherent feature in any undertak-
ing therefore risk management is not a new concept for
organisations. It was in the 1960s that risk management
began to be recognised as one of the essential skills re-
quired for management. The nature of risk management,
however, has evolved rapidly over recent decades.
Only in recent years have organisations begun to recognise
that risk management, in its broadest sense, applies to both
negative threats and positive opportunities. In each case a
proactive approach is required, which seeks to understand
the size of the possible threats and opportunities so that a
decision can be made about whether to accept the threat
or opportunity or act upon it in some way. Organisations
implementing the M_o_R framework should expect to see
some or all of the following benefits:
•• Corporate decision making is improved through the
high visibility of risk exposure, both for individual
activities, and major projects, across the whole of the
organisation
•• A progressive management style and a culture of
continuous improvement that is enhanced by the
encouragement of openness in relation to risk
•• The objectives of the organisation and its stakeholders
are more likely to be realised through the early identi-
fication and proactive management of threats to cost,
time and performance
•• The needs of corporate governance are met by em-
bedding the M_o_R processes which provide a clear
message and directives
•• There is clear ownership and accountability for risk
and its management, so that they are effectively moni-
tored, and proactively managed
•• Financial benefit to the organisation through im-
proved‘value for money’potential and better manage-
ment of project and program finance
•• Management of project risk is carried out within the
wider context of program, thus minimising the risk of
individual project failure through greater visibility of
the potential impact of other projects
•• Consistency of approach through high-level monitor-
ing and direction
•• Creation of an environment for the conscious accept-
ance of business risks on an informed basis
•• Improved contingency plans and the organisation’s
business continuity plans
•• Better awareness in all personnel of the cost and ben-
efit implications of their actions
Riskmanagementmadeeasy
3. 3
Yourimprovementpartner
Syzygal delivers class-room based professional train-
ing services and innovative e-learning solutions. All our
training solutions are based on Industry recognised best
practices and include formal certification.
Implementation and management of quality information
technology services that meet the needs of the business,
through an appropriate mix of people, process and infor-
mation technology.
Controlled planning, organisation and motivation of re-
sources over a fixed time to achieve specific project goals
and objectives; typically to bring about beneficial change
or added value.
Syzygal consultants have a wealth of experience working
in all types of organisations; public, private and govern-
ment institutions. Our team are qualified, knowledgeable
and have practical ability with global experience.
Focusing on the performance and risk management of
information technology systems and supporting greater
accountability in decision-making for the best interest of
all stakeholders.
The protection of information and information infrastruc-
ture assets against the risks of loss, misuse, disclosure or
damage; providing controls organisations need to man-
age these risks.
PROFESSIONAL EDUCATION
IT Service Management
Project Management
CONSULTING SERVICES
Enterprise Governance
IT Security Management
4. 4
Whoshouldattendtraining?
Frameworkformanagingrisks
M_o_R is intended to help organisations put in place
an effective framework for risk management. This will
help them make informed decisions about the risks that
affect their strategic, programme, project and operational
objectives. The guide provides a route map for risk
management, bringing together basic concepts, an
approach, a process with a set of interrelated process steps,
and pointers to more detailed sources of advice on risk
management techniques and specialisms. It also provides
advice on how the principles, approach and processes
should be embedded, reviewed and applied differently
depending on the nature of the objectives at risk.
Although there is no mandatory requirement, ideally
candidates should have at least two years experience
working within a Risk Management environment or an
organisation that is currently focusing on developing Risk
Management as a professional practice.
M_o_R training would suit candidates working in the
following professions or areas:
• Risk Managers and Risk Management personnel
• Senior Project Officers, Project & Program Managers
• Development & Planning Managers
• Operations & IT Infrastructure Managers
• Quality Managers
• Business Analysts
• Internal and Professional Consultants
• Those seeking to integrate with MSP®, PRINCE2® or
ITIL® international best practices
M_o_R PRINCIPLES are high-level and universally applicable
statements that provide guidance to organisations as an
appropriate approach to risk management.
M_o_R APPROACH instructs how the principles should be
adapted and adopted; an organisation’s approach to the
principles needs to be agreed and defined within a risk
management policy, process guide and strategies.
M_o_R PROCESS is divided into four main steps: identify, as-
sess, plan and implement. Each step describes the require-
ments to ensure the overall process is effective.
EMBEDDING & REVIEWING M_o_R ensures that risk manage-
ment is consistently applied across the organisation and
that their application undergoes continual improvement in
order for them to be effective.
5. 5
Syzygal professional
training helps career
focused individuals
differentiate them-
selves and build suc-
cessful careers.
Whatisriskmanagement?
The term‘risk management’refers to the systematic ap-
plication of principles, an approach and a process to the
tasks of identifying and assessing risks, and then planning
and implementing risk responses. this provides a disci-
plined environment for proactive decision-making. For risk
management to be effective, risks need to be:
• IDENTIFIED which involves considering uncertainties
that would affect the achievement of objectives within
the context of a particular organisational activity and
ensuring that there is a common understanding.
• ASSESSED which involves estimating the probability,
impact and proximity of individual risks so they can be
prioritised, and understanding the overall level of risk
exposure associated with the organisational activity.
• CONTROLLED which involves planning appropriate
responses, assigning owners and actionees and imple-
menting, monitoring and controlling these responses.
Every organisation manages its risk in some way, but not
always in a way that is visible, repeatable or consistent, to
support effective decision-making. The task of risk manage-
ment is to ensure that an organisation makes cost-effective
use of a risk management process. The aim is to improve in-
ternal control and support better decision-making through
a good understanding of individual risks and the overall
risk exposure that exists at a particular time.
All organisations, including temporary ones such pro-
grammes or projects, will encounter uncertain events. Each
individual uncertain event that would impact one or more
objectives is known as a risk.‘Threats’are used to describe
uncertain events with a negative impact on objectives
and‘opportunities’are used to describe uncertain events
that would have a positive impact on objectives. Some
risk-taking is inevitable if an organisation is to achieve its
objectives. Taking and managing risk is the very essence of
business survival and growth.
6. 6
THEORY
ABSORB CONSOLIDATE
TEST
TACT
Theory
Delivering focused
knowledge with
innovative methods
Testing
Measurement and
learning through testing
confirmation of
Consolidate
Fun and interesting
learning utilising
interactive methods
Absorb
Placing students in
real-world scenarios
with hands on scope
TACT is Syzygal’s pro-
prietary methodology
for developing courses
and courseware
As part of doctoral research,
Syzygal have developed a unique
approach to developing and
designing professional education
courses and courseware. Rather
than utilising tired and over-used
methods such as working straight
from a syllabus, Syzygal decided to
research the key elements of effec-
tive learning. What we found was
that although dynamic and flexible
delivery methods were essential to
the overall experience for students,
it was the approach to content
formulation and positioning that
was critical to maximising learning
up-take and knowledge retention.
The THEORY of a subject is obvi-
ously critical to success, but ensur-
ing it is positioned in contextual
alignment is the pay-off. We then
ensure students ABSORB the the-
ory by placing them in real-world
scenarios and role-plays, ensuring
the theory connects to practical
application. To support this we
CONSOLIDATE the learning by us-
ing innovative games and exercises
to further develop understanding
and retention. Finally we ensure
TESTING takes place throughout
training events which prepares
the student to take their formal
certification.
TheTACTapproach
7. 7
The foundation of the Syzygal
business model is the spe-
cialisation in the areas of IT Service
Management, IT Security Manage-
ment, Project Management and
Enterprise Governance. Our focus is
on supporting and communicating
world-renowned, industry recognised
frameworks and standards. In doing
so we help our clients develop world-
class, business centric IT Services
and business change environments.
Placed world-wide, we provide in-
novative solutions helping your busi-
ness deliver tangible and measurable
improvements through direct con-
sultancy or training and education
products. Syzygal’s primary business
objectives and goals are to:
•• Educate professionals in leading
industry best practices
•• Help our clients develop real
knowledge and understanding
in core business practices
•• Support the practical implemen-
tation of that knowledge
•• Ultimately help our clients im-
prove their business practices
Our approach is to accept and deliver
only the highest quality in informa-
tion content, materials and delivery
of our courses. We believe that learn-
ing is better achieved by participa-
tion from the student rather than
instruction by the lecturer. Taking
this approach leads to a better overall
experience for the training candi-
dates and achieves a longer lasting
knowledge transfer from the course.
We employ only the best training
resources and ensure they have ap-
plicable, real life experience in their
specialist areas and industry standard
frameworks and methodologies.
Helpandexpertadvice
whenyouneeditmost
Gainingrecognitionasasubjectmatter
expertandmovingyourcareerforward
beginswithdemonstratingyour
knowledgeandexpertise.