RCG207Risk Assessment Methodology and Execution


This course provides participants guidance in implementing and managing a comprehensive but practical Ethical and Compliance (E&C) risk assessment, properly calibrated to your organisation’s operations. Risk assessment (methodology and execution, including live risk assessment workshops where the delegates do a ‘risk storm’ exercise).


Course Fee SGD 550
Course Duration 1 Day
Course Timing 9:00am - 5:00pm
Course Venue M Hotel and similar
SDF Approved NA
Skills Future Credit NA
Upcoming Courses

The risk assessment is one of the most fundamental elements of an E&C programme. However, the methodologies differ widely. A good risk assessment should be ‘outside-in’. Looking at the country, sector, and sub-region context before considering the business model, routes to market, supply chain, business partners, and business transaction risks. All of this can be daunting, especially as different areas of E&C (anti-corruption, to money-laundering, to modern slavery, and more) call for different focuses. For in-house teams covering diverse regions and operations (manufacturing, service, R&D, sales, management, etc.) ensuring the risk assessment is simple yet comprehensive is essential. Getting the risk assessment right not only reduces the chances of missing key risks, and expending resources where they are not needed, but it also can become a strategic tool to identify and seize market opportunities.

On completion of the programme, participants will:

  • Understand each step of the risk assessment methodology
  • Know how to right-size the risk assessment to their business
  • Gain deeper insights into simple, effective, and comprehensive ways to gather large volumes of information quickly
  • Benefit from tips and guidance gained from decades conducting risk assessments in some of the most challenging markets
  • Learn about the role of technology in risk assessments (benefits and downsides)
  • Receive tools and frameworks to deploy in their business

1. Introduction to ‘best practice’ risk assessments

  • Country (and sub-region) risk, and where to find data
  • Sector-specific considerations
  • How to adapt for business model variables (supply chain, routes to market, client base, shareholders, stakeholders, CSR)
  • Business partner risk (including effective third-party risk-ranking, due diligence, data)
  • Transaction risk (tenders, B2B, B2C, government agencies, logistics, etc,)

2. What to cover for your business operations

  • Corruption and bribery (including facilitation payments)
  • Money laundering and CTF
  • Fraud (kickbacks, conflicts of interest, asset misappropriation)
  • Trade sanctions and anti-competitive practices
  • Modern slavery and human rights
  • Fair treatment of employees

3. Gathering the data

  • ‘Risk-storm’ exercises
  • Surveys and data
  • Workshops and face-to-face
  • Reporting and investigative data
  • Qualifying, quantifying, analysing, and validating qualitative risk data

4. The experiences of others

  • Examples of frameworks that have worked
  • Common challenges and how to overcome them
  • Defining risk appetite
  • Gross risk versus net risk (how do others assess the mitigating impact of controls)

5. Using technology and data wisely

  • What data points can be quantified?
  • When to keep qualitative data?
  • Challenges of comparisons across differing regions, levels of risk awareness, and operations

6. Developing tools and adjusting weightings

  • Assessing the intention and capability assessment of threats to your organisation
  • Assessing your ability to predict, deter, and respond to issues
  • Likelihood versus impact analysis
  • Risk matrixes and presentation tools

7. Reviewing and monitoring

  • Making the risk assessment a ‘living process’
  • Monitoring versus risk assessment
  • Adapting for new markets, business operations, and regulation
  • Moving from risk to reward, using the assessment to improve performance and strategy
  • Chief Compliance and Ethic Officer
  • Internal Auditor, Forensic Auditor
  • Risk Management Officer
  • Operations and frontline staff managing E&C issues
  • CFO, Finance Manager, Accountant
  • Human Resource Manager

Presentation, group discussion, case study. Multimedia, interaction and template sharing.

Rupert Evill

Rupert Evill

Rupert has 18 years of global experience across more than 30 sectors. He has deep expertise in managing frontline risks, delivering immersive training, conducting intelligence-gathering operations, investigations and managing acute crises. Before founding Ethics Insight, he spent 13 years working for Control Risks, focusing on training, investigations, incident response, and ethics & compliance advisory support. Rupert started his career in counter-terrorism and political risk analysis.

Rupert has augmented his professional experience with a Postgraduate Diploma with Merit in Behavioural Analysis and Investigative Interviewing, becoming an accredited trainer with The Emotional Intelligence Academy. He is a Certified Fraud Examiner. Rupert was also one of only 1% of employees selected for training – by an organization with more person-hours of crisis response experience than any other public or private entity globally – to respond to kidnap, threats, and extortions. He passed selection and was subsequently deployed in the crucial first 24hrs on missions across Asia.

Rupert uses this training and frontline experience – having seen what works and what doesn’t – to inform practical and effective guidance to help organizations better predict, prevent, adapt and respond to challenges. Rupert has operated in more than 40 countries. He is now based in Singapore and has lived in Asia for over 9 years, after working across Europe for a decade. Examples of Rupert’s recent experience and credentials include:

  • Achieved a 98% positive rating from 700+ people across 50 workshops over the last 4 years.
  • Developed the Ethics Insight benchmarking and implementation platform, which, simplifies E&C, and on average, saves clients 6-12 months and 80% on costs.
  • Gathered hard-to-get intelligence and conducting sensitive investigations in high-risk scenarios (including hostile state actors), without compromise.
  • Expert trainer in risk assessment techniques, deception detection, non-confrontational investigative and intelligence-gathering interview techniques and forensic emotional analysis.
  • Responded to and investigated (where necessary) 40 whistle-blower allegations across 20 countries in the past year.

View Other Courses by Rupert Evill