Skip to content
Protecht Academy

Controls design and assurance.

How to enable optimally designed controls to be implemented and achieve maximum effect for minimum cost.

Purchase course online

Your internal control framework and individual controls are the front line in managing your risks, yet they are often misunderstood, neglected and operating inefficiently and ineffectively.

This course presented by David Tattam, Chief Research and Content Officer at Protecht, is focused on providing a deep understanding of controls to enable optimally designed controls to be implemented to achieve maximum effect for minimum cost.

Once we are comfortable that we have a well-designed controls framework, we need to gain assurance that our key controls are working effectively. Having a robust controls assurance function is key.

The course will take you through best practice in controls assurance to allow you to benchmark your existing process or assist in building an effective and efficient function.

 

Course overview

In this course, you'll learn:

1. The purpose and value of controls and controls management

  • The value add of controls management
  • Key objectives of controls and controls management
  • Controls as enablers

 

2. What are risks, treatments and controls?

  • Understanding objectives and critical processes
  • Components of risk
  • Introduction to the risk bow tie method
  • Treatment methods

 

3. Types of controls and control frameworks

  • Types of control classifications
  • Benefits of control classifications
  • Control taxonomies
  • What is and is not a control
  • Introduction to control frameworks

 

4. How controls modify risk

  • Measures of risk
  • Side effects of controls
  • How different types of controls modify risk

 

5. Measuring controls

  • Difference between effectiveness of individual controls and
  • Groups of controls
  • Key elements to determine control effectiveness

 

6. Control objectives

  • Importance of well articulated control objectives
  • A method to consistently articulate control objectives
  • Alternative control objective methodologies

 

7. Designing effective controls

  • Starting with control objectives
  • Factors to consider when assessing design effectiveness

 

8. Operating effective controls

  • Factors to consider when assessing operating effectiveness

 

9. Control assurance

  • Components of control assurance
  • Types of control tests
  • Sources of information about controls
  • Overview of sampling methods
  • Measuring control effectiveness

 

10. Controls assessment

  • Assessing groups of controls
  • Using bow ties to identify control gaps

 

11. Issues & actions

  • Types of issues identified during controls management
  • Considering treatment methods and cost of controls

 

12. Controls reporting

  • Reporting for controls
  • Providing controls assurance through reporting
  • Escalation, response and issues and action management

 

13. Control ownership and culture

  • Reinforcing the three lines of defence
  • Ownership, accountability and responsibility for controls
  • Building a strong control culture

 

Course expectations

  • Watch 25 videos
  • Answer 9 knowledge questions
  • Answer 10 quiz questions
  • 4 downloadable materials

 

Timings

  • 4 hours of video content
  • Approximately 5 hours for the whole course

 

Cost

  • US$600 payable by credit card on registration

 

Next steps

You can purchase this course on-demand via Protecht Academy by credit card.

This course is aligned with the RMIA's certification pathway for Certified Practicing Risk Associate and Certified Practicing Risk Manager. It can be purchased as part of a learning plan towards these qualifications. Find out more about RMIA certifications.

This course has been approved by the International Institute of Risk and Safety Management for the period covering March 2024 - September 2025. Find out more about the IIRSM.

Please contact Protecht directly if you would like to discuss packages to implement this training across your organisation. Bulk discounts are available and packages can be invoiced in your local currency.

Purchase course online Contact us

isrm-logo-to-september-2025-cropped

Our trainers

David Tattam

Chief Research and Content Officer

David Tattam is the Chief Research & Content Officer and co-founder of the Protecht Group. David's vision is to redefine the way the world thinks about risk and to develop risk management to its rightful place as being a key driver of value creation in each of Protecht's customers.

David is the driving force in taking Protecht's risk thinking to the frontiers of what is possible in risk management and to support the uplift of people risk capability through training and content.

Read More

Michael Howell

Research and Content Lead

Michael Howell is Protecht's Research and Content Lead. He is passionate about the field of risk management and related disciplines, with a focus on helping organisations succeed using a ‘decisions eyes wide open’ approach.

Michael is a Certified Practicing Risk Manager whose curiosity drives his approach to challenge the status quo and look for innovative solutions.

 

Read More