Skip to content

Online training session

CPS 230: How to understand and meet the requirements as well as realise real business value.

PLEASE NOTE: Registration has now closed for this event.

Session 1 - 16th July: 9.00am – 12:15pm AEST
Session 2 - 18th July: 9.00am – 12:15pm AEST

This comprehensive workshop will take you through all aspects of the Prudential Standard CPS 230 Operational Risk Management so as to fully understand what is required and how to practically deliver the required change to your risk operating model to apply the standard. Most importantly you'll learn how to realise real business value from this major uplift to your risk capability.

This workshop will be conducted online. 

Note: this session will cost registrants $450 + GST. 


David Tattam

Chief Research and Content Officer, Protecht

Hela Ebrahimi

Senior Risk Consultant, Protecht

Michael Howell

Research and Content Lead, Protecht

Watch the recorded webinar

Who should attend

CPS 230 implementation and project teams, operational and enterprise risk managers (line 1 and line 2), auditors and assurance providers, legal and compliance professionals, procurement and third-party management teams, and anyone involved in risk and compliance maturity uplift.


Online attendance will cost registrants $450 + GST. 

Workshop Content

1. Introduction

a. Introductions

b. Course objectives

c. Administration

2. Why was CPS 230 needed?

a. The drivers of the standard

b. The key principles and guidelines

c. How to address the standard. - The importance of a mindset shift and not a “tick the box” activity

d. Timelines for implementation – where should you be now?

3. What are the key principles of the standard?

a. Principles and guidelines

b. The importance of having an outcome view: - linking risk management with strategy and objectives

c. Process vs. siloed view of risk

d. Moving to an integrated risk profile

e. Integrating your risk appetite

4. What are the key components of the standard?

a. Operational risk and compliance management

b. Controls management

c. Operational resilience and business continuity management

d. Third party risk management

e. Roles and responsibilities

f.  Risk management framework – and uplift

g. Risk culture and a mindset shift

5. How do I meet the requirements of the standard?

a. Understanding the business and mapping your end to end value chain/ processes

b. Operational risk and compliance management

c. Controls management

d. Operational resilience and business continuity management (BCM)

- How does operational resilience and BCM relate

- Identifying and setting you impact types and tolerance levels.

- Critical operations for resilience

- Mapping resources, risks and controls including third party dependencies

- Developing and running severe but plausible scenarios

- Testing your process against tolerance levels

e. Third party risk management

- Identifying material service providers

- The essential components of managing third parties

- Onboarding, ongoing monitoring and off boarding – what is required?

6. Bringing it all together – an enterprise value chain view of risk

a. Understanding your interdependencies

b. Linking the parts through data linkages

c. Creating and reporting an integrated risk profile

7. Roles, responsibilities and accountabilities

a. Who needs to do what?

b. Integrating with the FAR regime

c. Building a cultural mindset shift and a focus on risk culture

8. When do we need to get ready?

a. The milestones for preparation

b. How far along should you be now?

c. A roadmap for readiness

d. Ensuring a sustainable legacy

9. Conclusions and takeaways

a. Key conclusions

b. Key takeaways

Please note

1. Booking

On submission of this online course form, Protecht will accept your offer by entering your booking onto the course and sending you an email confirming that you have been booked together with information on the course enrolment details and payment instructions.

2. Payment

An invoice will be issued and sent to you as part of the booking confirmation. Payment must be made within 7 business days of issue, and no later than 5 days business days before the course commencement. Payment can be made via Direct Deposit or Credit Card.

No cancellation policy within 5 business days of the course date except by discretion of extenuating circumstances approved by Protecht.

About the presenters

Chief Research and Content Officer, Protecht

David Tattam is the Chief Research & Content Officer and co-founder of the Protecht Group. David's vision is to redefine the way the world thinks about risk and to develop risk management to its rightful place as being a key driver of value creation in each of Protecht's customers.

David is the driving force in taking Protecht's risk thinking to the frontiers of what is possible in risk management and to support the uplift of people risk capability through training and content.

Senior Risk Consultant, Protecht

Hela Ebrahimi is a seasoned Risk Consultant with over 15 years of experience in risk management and legal compliance. She is renowned for her passion and expertise in bringing risk management strategies to life.

Her client portfolio spans diverse industries, including insurance, banking, utilities, not-for-profits, and education, where she collaborates with stakeholders to identify, assess, and mitigate risks using Protecht's technology and industry best practices.

Research and Content Lead, Protecht

Michael Howell is Protecht's Research and Content Lead. He is passionate about the field of risk management and related disciplines, with a focus on helping organisations succeed using a ‘decisions eyes wide open’ approach.

Michael is a Certified Practicing Risk Manager whose curiosity drives his approach to challenge the status quo and look for innovative solutions.