Risk and Compliance Management Professional (CRCMP)


The Risk and Compliance Management Professional (CRCMP) program has been designed to provide the knowledge and skills needed to understand and support regulatory compliance and enterprise-wide risk management.

The course provides the necessary expertise to pass the CRCMP exam.

Managing risk no longer seems to be an exercise reserved strictly for extreme events and unforeseen circumstances.

It has now become a vital and permanent component of an organization’s long-term strategy.

As a result, having an Enterprise Risk Management Framework (ERMF) in place can directly influence the long-term profitability and sustainability of an organization.

The bankruptcy at Lehman Brothers, the emergency sale of Merrill Lynch and the trouble at so many other corporations have something in common: the failure of risk management and compliance controls, and the understanding that firms do not follow best practices, international standards and regulatory requirements as they should.

Compliance and risk management have become much more critical, and firms have to provide evidence that they rely on qualified professionals.

The CRCMP program has become one of the most recognized programs in risk management and compliance.

Why should I get certified as Risk and Compliance Management Professional?

After the failures of so many organizations during the recent crisis, firms and organizations hire “fit and proper” professionals who can provide evidence that they are qualified.

Companies and organizations need assurance that employees have the knowledge and skills required to mitigate risks and to accept more responsibility.

Supervisors and auditors ask for independent evidence that the process owners are qualified and that the controls can operate as designed because the persons responsible for these controls have the necessary knowledge and experience.

The marketplace is clearly demanding qualified professionals in risk and compliance management.

You might be interested in PMI Risk Management programs as the next step of your development plan.

  • COURSE TYPE Advanced
  • DURATION 5 days




Participants who fully attend this course and complete the test on the last day will receive a Strategic Axis Professional Certificate (SAPC). SAPC certificates are regionally recognized and can be quite valuable when applying for more senior roles within the organization or outside.

You can apply for international exams to get an international qualification after this course.

A candidate is given 90 minutes to complete a 35 question multiple choice exam.

A candidate must score 70% or higher.

It is an open-book exam. Risk and compliance management is not something you have to memorize; it is something you must understand and learn.




  • Introduction
  • Regulatory Compliance and Risk Management
  • Definitions, roles, and responsibilities
  • The purpose of the board of directors, the supervisors, the internal and external auditors
  • The new international landscape and the interaction among laws, regulations, and standards
  • The difference between a best practice and a regulatory obligation
  • Benefits of an enterprise-wide compliance program
  • Compliance culture: Why it is essential, and how to communicate the responsibilities
  • Policies, workplace ethics, risk and compliance policies, procedures and the code of conduct
  • Privacy and information security
  • Handling confidential information
  • Conflicts of interest
  • Use of organizational property
  • Fair dealings with customers, vendors, and competitors
  • Reporting ethical concerns
  • The definition of Governance, Risk, and Compliance
  • The need for Internal Controls
  • Understand how to identify, mitigate and control risks effectively
  • Approaches to risk assessment
  • A qualitative, quantitative approach
  • Integrating risk management into corporate governance and compliance


  • Internal Controls, COSO, the Internal Control Integrated Framework by the COSO committee
  • Using the COSO framework effectively
  • The Control Environment
  • Risk Assessment
  • Control Activities
  • Information and Communication
  • Monitoring
  • Effectiveness and Efficiency of Operations
  • Reliability of Financial Reporting
  • Compliance with applicable laws and regulations
  • IT Controls
  • Program Development and Program Change
  • Deterrent, Preventive, Detective, Corrective Controls
  • Recovery, Compensating, Monitoring, and Disclosure Controls
  • Layers of overlapping controls
  • COSO Enterprise Risk Management (ERM) Framework
  • Is COSO ERM necessary for compliance?
  • Internal Environment
  • Objective Setting
  • Event Identification
  • Risk Assessment
  • Risk Response
  • Control Activities
  • Information and Communication
  • Monitoring
  • The two cubes
  • Goals: Strategic, Operations, Reporting, Compliance
  • ERM – Application Techniques
  • Core team preparedness
  • Implementation plan
  • Likelihood
  • Impact
  • COBIT – the framework that focuses on IT
  • Is COBIT needed for compliance?
  • COSO or COBIT?
  • Corporate governance or financial reporting?
  • Executive Summary
  • Management Guidelines
  • The Framework
  • The 34 high-level control objectives
  • What to do with the 318 specific control objectives
  • COBIT Cube
  • Maturity Models
  • Critical Success Factors (CSFs)
  • Key Goal Indicators (KGIs)
  • Key Performance Indicators (KPIs)
  • How to use COBIT for compliance


  • The Basel Capital Accords
  • Realigning the regulation with the economic realities of the global banking markets
  • New capital adequacy framework replaces the 1988 Accord
  • Improving risk and asset management to avoid financial disasters
  • “Sufficient assets” to offset risks
  • The technical challenges for both banks and supervisors
  • How much capital is necessary to serve as a sufficient buffer?
  • The three-pillar regulatory structure
  • Purposes of Basel
  • Pillar 1: Minimum capital requirements
  • Credit Risk – 3 approaches
  • The standardized approach to credit risk
  • Claims on sovereigns
  • Claims on banks
  • Claims on corporates
  • The internal ratings-based (IRB) approaches to credit risk
  • Some definitions:
  • PD – The probability of default,
  • LGD – The loss given default,
  • EAD – Exposure at default,
  • M – Maturity
  • Five classes of assets
  • Pillar 2: Supervisory review
  • Key principles
  • Aspects and issues of the supervisory review process
  • Pillar 3: Market discipline
  • Disclosure requirements
  • Qualitative and Quantitative disclosures
  • Guiding principles
  • Employees Affected
  • Effective Dates
  • Operational Risk
  • What is an operational risk
  • Legal risk
  • Information Technology operational risk
  • Operational, operations and operating risk
  • The evolving importance of operational risk
  • Quantification of operational risk
  • Loss categories and business lines
  • Operational risk measurement methodologies
  • Identification of operational risk
  • Operational Risk Approaches
  • Basic Indicator Approach (BIA)
  • Standardized Approach (SA)
  • Alternative Standardized Approach (ASA)
  • Advanced Measurement Approaches (AMA)
  • Internal Measurement Approach (IMA)
  • Loss Distribution (LD)
  • Standard Normal Distribution
  • “Fat Tails” in the normal distribution
  • Expected loss (EL), Unexpected Loss (UL)
  • Value-at-Risk (VaR)
  • Calculating Value-at-Risk
  • Stress Testing
  • Stress testing and Basel AMA
  • Advantages / Disadvantages
  • Operational Risk Measurement Issues
  • The game theory
  • The prisoner’s dilemma – and the connection with operational risk management
  • Operational risk management
  • Operational Risk Management Office
  • Key functions of the Operational Risk Management Office
  • Key functions of Operational Risk Managers
  • Key functions of Department Heads
  • Internal and external audit
  • Operational risk sound practices
  • Operational risk mitigation
  • Insurance to mitigate operational risk
  • Basel II and other regulations
  • Capital Requirements Directive (CRD)
  • Aligning Basel II operational risk and Sarbanes-Oxley 404 projects
  • Common elements and differences in compliance projects
  • New standards
  • Disclosure issues
  • Multinational companies and compliance challenges


  • Designing and Implementing an enterprise-wide Risk and Compliance Program
  • Creating an Internal Compliance System
  • Compliance programs that withstand scrutiny
  • How to optimize the organizational structure for compliance
  • Documentation
  • Testing
  • Training
  • Ongoing compliance with laws and regulations
  • Compliance Monitoring
  • The company and other stakeholders
  • Managing the regulators and change in rules
  • International and national regulatory requirements
  • Regulatory compliance in Europe
  • Regulatory compliance in the USA
  • What is different
  • The GCC countries
  • The Caribbean
  • The Pacific Rim
  • Universal elements and differences in compliance projects
  • New standards
  • Disclosure issues
  • Multinational companies and compliance challenges
  • In The Classroom

  • Live, Online

  • Private Team Training

  • Individual Private Session
