LF logo
by learnformula
search
Log in
search
Courses/Audit & Assurance/NASBA - Auditing

Risk Ready: Essentials of Enterprise Risk Management

Turn risk concepts into practical, real-world tools to identify, assess, and manage risk across your organization

Created byElizabeth McDowellworkspace_premium
5.0
(5 reviews)
BeginnerUpdated May 10, 2026
Risk Ready: Essentials of Enterprise Risk Management

What You'll Learn

check_circleAnalyze the impact of risk management failures using real-world case studies
check_circleApply the three lines model to clarify roles and responsibilities within an organization
check_circleEvaluate the maturity level of an organization's risk management framework
check_circleDistinguish between risk appetite, tolerance, capacity, and preference in strategic planning

About This Course

Effective risk management is no longer optional — it is the foundation of strong organizational governance and the difference between companies that thrive in uncertainty and those that fail under it. This course provides a practical, accessible introduction to enterprise risk management, designed for internal auditors, risk professionals, managers, and anyone seeking to understand how risk is identified, evaluated, and managed across an organization.

Drawing on real-world lessons — including a detailed look at the Silicon Valley Bank failure and what happens when risk management governance is neglected — this course examines why risk management matters, how it should be embedded into an organization's culture and strategy, and how the three lines model defines the responsibilities of management, risk and compliance functions, internal audit, and the governing body. You will learn what internal audit can and cannot do in supporting risk management, the safeguards required when internal audit takes on additional risk activities, and how to recognize the warning signs of a weak risk culture.

The course also introduces the language of risk management — risk appetite, risk tolerance, risk capacity, risk preference, and risk culture — and walks through the five stages of the risk maturity model so you can assess where your own organization stands today and where it needs to go. You will be introduced to the major risk management frameworks, including COSO, ISO, COBIT, and NIST, along with the six main risk categories used when conducting risk assessments at both the enterprise and entity levels.

This is the first in a three-part series on risk management. It establishes the foundational concepts that will be applied in the two subsequent courses on risk-level risk assessments and enterprise-level risk assessments. By the end of this course, you will have a clear understanding of why risk management is essential, who is responsible for what, and how to begin building or strengthening a risk management program in your own organization — using tools you already have.

Topics Covered

  • The importance of risk management and the consequences of risk management failures, illustrated through the Silicon Valley Bank case study
  • The definition and goals of risk management and enterprise risk management
  • Benefits of an effective enterprise risk management program
  • The three lines model and the responsibilities of the governing body, first line, second line, and third line
  • Internal audit's role in risk management, including primary and secondary responsibilities, required safeguards, and activities internal audit should not perform
  • Common enterprise risk management mistakes and best practices for building a strong program
  • Key risk management terminology, including risk appetite, risk tolerance, risk capacity, and risk preference
  • Risk culture and its core components, including awareness, communication, accountability, and the importance of normalizing failure
  • The five stages of the risk maturity model and internal audit's evolving role across each stage
  • Major risk management frameworks (COSO, ISO, COBIT, and NIST) and the six main risk categories used in risk assessments

Your Instructor

Elizabeth McDowell
Elizabeth McDowell

Audit Smarter, not Harder - with Elizabeth and Audie the Internal Otteror!

menu_book20 courses
star1,067 reviews

Elizabeth McDowell, CPA, CIA has over 20 years of audit experience and is the founder of Audit Forward, an innovative internal audit consulting and training firm. Elizabeth is passionate about advancing and advocating for the internal audit profession and was recognized as one of the 2023 Internal Audit Beacons by Richard Chambers. Elizabeth makes auditing and training fun (no, really!) with the help of her mascot, Audie the Internal Otteror. Elizabeth’s most recent industry experience was at Achieve, where she was Sr. Director, Audit Strategy; prior to that, she held internal audit leadership roles at Elevations Credit Union, Fidelity Investments, and Xcel Energy after first starting her career at Ernst & Young.

Credit Information

What Students Are Saying

5.0
Student's Choice
5 reviews

Frequently Asked Questions

We are a registered provider with 327+ associations and regulatory bodies worldwide. We operate across 29 global markets including Canada, the US, Australia, and the UK. Every course page clearly displays its specific accreditations. Upon completion, you receive a professional certificate that can be validated online. Our certificates include all necessary accreditation details, credit hours, and completion dates, and are formatted specifically to meet the submission requirements of most global regulatory bodies.