Three Key Risk Assessments in Your ERM Program - ERM, IT, and Internal Controls

how to perform risk assessments for ERM, IT and Internal control function of your organization

  Enroll in Course


24 October 2018 Wednesday | 11:00 AM PDT | 02:00 PM EDT | Duration: 90 Min - Online

What You Will Learn

This risk assessment webinar will discuss how to perform risk assessments for ERM, IT and Internal control function of your organization. Attendees will learn how to create/develop risk assessments, how to complete the ERM Risk Assessment using the ERM Risk Assessment Matrix. And how to complete the general IT Risk Assessment as well as a thorough Risk Assessment for your Internal Controls.

Why You Should Attend

Risk Assessments are at the core of the ERM Program. Financial Institutions need to conduct Risk Assessments in multiple areas. In this session, we focus on three key risk assessments.

This webinar will explain step-by-step process to develop strong Risk Assessments to address key areas of your institution. Then the presenter will specifically focus on three key Risk Assessments you must have as critical components of your ERM Program: the Enterprise Risk Management Risk Assessment, Information Technology Risk Assessment, and the Internal Controls Risk Assessment. You will walk away with practical tools and examples you can implement in your organization immediately.

Learning Objectives:

  • Quick overview of ERM key definitions and the three ongoing phases
  • Learn about the Risk Assessment Process and key steps
  • How to identify and assess your bank’s risks using the ERM Risk Assessment Matrix
  • Characteristics of Risk Assessments based on industry best practices
  • How to develop appropriate Risk Assessment Criteria
  • How to prioritize your bank’s risks once identified
  • What is the Risk Assessment System (RAS)
  • A quick overview of Model Risk Management
  • How to complete the IT Risk Assessment
  • How to complete the Internal Controls Risk Assessment


  • Part I:
  • ERM quick overview of key definitions
  • Three Key Phases of ERM and how Risk Assessments fit in
  • The Risk Assessment Process
  • Risk Assessment System (RAS)
    • CAMELS Rating and How They Relate to Risk Assessments
    • Top 8 Risks and Other Important Risks to Assess
  • Annual Risk Assessments recommended and Areas Assessed
  • ERM Risk Assessment Matrix – Will complete several of the major risks

Part II:

  • Information Technology areas that need to be assessed
  • Information Technology Risk Assessment
    • Definitions
    • Categories Included
  • Complete example of the IT Risk Assessment using Template

Part III:

  • Internal Controls Risk Assessmen
    • List of Areas Assessed
    • Categories included
  • Complete example of several Areas Assessed using Internal Controls Risk Assessment Template

Who Will Benefit:

  • Risk Managers
  • Chief Risk Officers
  • Compliance Officers
  • Chief Operating Officer
  • Chief Credit Officer
  • Internal Auditors
  • Risk management team

Course Curriculum

  Lecture 1
Available in days
days after you enroll

Your Instructor

Marci Malzahn
Marci Malzahn

Marcia (Marci) Malzahn is the president and founder of Malzahn Strategic, a community bank consultancy focused on strategic planning, enterprise risk management, and talent management. Marci has 23 years of banking experience, the last ten as the EVP/CFO/COO of a community bank she helped start where she oversaw all the bank operations areas, including finance, IT, compliance, internal audit, deposit/loan operations, office management, risk management, and HR. In her last year as EVP/COO/CRO, Marci created and focused on the bank's risk management program. She was also the corporate secretary of both the holding company and the bank.

Before starting the bank in 2005, Marci took a detour from banking for five years and worked for a $34 million revenue non-profit organization where she led IT, HR and Finance. Marci's extensive experience in banking infrastructure and her passion to help other banks succeed led her to establish Malzahn Strategic in 2014.

Marci is the recipient of a number of professional awards, is a published author of three books and an international bilingual professional speaker, speaking frequently at banking conferences and associations as well as webinars. Marci holds a B.A. in business management from Bethel University and is a graduate of the Graduate School of Banking in Madison, Wisconsin.

Recent Results

Diane Merrifield - Principal at MindBridge

Marci is not only a highly accomplished banking leader, but a person of great passion and desire to make a difference. She leverages her years of experience to helping community banks succeed in today’s challenging environment, while also committing her time and talents to professional and community organizations that share her vision.

Frequently Asked Questions

How to join the course?
You will be contacted soon via email you provided during registration. In this email, you will get further instructions on how to proceed with the training.

Get started now!