Personally designed (content + graphics design), officially accredited M_o_R® Foundation courseware.
M_o_R® (Management of Risk) is part of the AXELOS Global Best Practice Guidance.
Trademarks are properties of the holders, who are not affiliated with courseware author.
Strategic Project Finance Essentials: A Project Manager’s Guide to Financial ...
AXELOS - M_o_R® - Management of Risk - Foundation
1. PRINCE2®, PRINCE2 Agile ®, P3O®, MSP®, MoP®, M_o_R®,
MoV®, ITIL®, P3M3® are registered trademarks of AXELOS
Ltd. The swirl logo™ is a trademark of AXELOS Ltd
3. Course objectives
The philosophy and principles of M_o_R
Understanding terminology and scope
The products/artefacts produced by M_o_R
M_o_R roles, process, recommended techniques
M_o_R maturity model
M_o_R health check
Risk specialisms
Main goal
Attempt Foundation exam with confidence
Communicate freely within M_o_R, understanding
its principles and philosophy
Secondary goal
Benefits and value of risk management and M_o_R
Course introduction
M00 - Course introduction 3/14 | 3/309
4. Please share with the class:
Your name and surname
Your organization
Your profession
Title, function, job responsibilities
Your familiarity with the risk
management
Your experience with ISO 31000,
ISO/EIC 27005, COSO ERM, FERMA etc.
Your personal session expectations
Course introduction
Let’s Get to Know Each Other
M00 - Course introduction 4/14 | 4/309
5. Day1
Module Subject Start End
Total Time
(in hours)
01 Introduction to risk management and M_o_R 09:00 11:00 02:00
02 M_o_R principles 11:00 13:00 02:00
Lunch 13:00 13:30 00:30
03 M_o_R approach 13:30 16:30 03:00
Recap Day 1 (including sample exam questions) 16:30 17:00 00:30
Total Training Time 08:00
Course agenda - Day 1
Course introduction
M00 - Course introduction 5/14 | 5/309
6. Day2
Module Subject Start End
Total Time
(in hours)
Review Day 1 09:00 09:15 00:15
03 M_o_R approach ctn. 09:15 10:00 00:45
04 M_o_R process 10:00 13:00 02:00
Lunch 13:00 13:30 00:30
05 M_o_R roles 13:30 14:00 00:30
06 M_o_R perspectives 14:00 16:30 02:30
Recap Day 2 (including sample exam questions) 16:30 17:00 00:30
Total Training Time 08:00
Course agenda - Day 2
Course introduction
M00 - Course introduction 6/14 | 6/309
7. Day3
Module Subject Start End
Total Time
(in hours)
Review Day 2 09:00 09:15 00:15
06 M_o_R perspectives ctn. 09:15 11:15 02:00
07 Embedding and reviewing management of risk 11:45 13:00 01:15
Lunch 13:00 13:30 00:30
08 M_o_R health check and maturity model 13:30 14:00 00:30
09 Risk specialisms 14:00 15:00 01:00
Foundation exam 15:00 16:00
Total Training Time 05:30
Course agenda - Day 3
Course introduction
M00 - Course introduction 7/14 | 7/309
8. M_o_R Foundation certification
Foundation Exam
Paper based and closed book exam
Only pencil and eraser are allowed
Simple multiple (ABCD) choice exam
Only one answer is correct
75 questions, pass mark is 35 (50%)
max 70 points, 5 questions of control
1 hour exam
No negative points, no “Tricky Questions”
No pre-requisite for Foundation exam
Sample, two (official) mock exams are
provided to you
Course introduction
Candidates completing an examination in a language that
is not their mother tongue, will receive additional time
M00 - Course introduction 8/14 | 8/309
9. M_o_R Practitioner certification
Practitioner Exam:
Paper based and open book exam
Reference to M_o_R handbook
Handbook is provided for students
Reference to ABC Documentation Part A
3 hour exam
4 questions worth 20 marks each (80
marks), pass mark is 40 (50%)
Dictionary/translation lists allowed for non-
native speakers
Non-scientific calculator for basic
calculations
Foundation certification is required
Course introduction
Candidates completing an examination in a language that
is not their mother tongue, will receive additional time
M00 - Course introduction 9/14 | 9/309
10. M_o_R official handbook and examination syllabus
Course introduction
M_o_R syllabus section code and title
IG Introduction and Glossary
PI Principles
AP Approach
PR Process
ER Embedding and Review
PE Perspectives
CT Common Techniques
Module slide number / total module slides
Slide number /
total slides
Module number
and name
M_o_R
handbook page
M_o_R syllabus
section code
Syllabus Handbook PageM00 - Course introduction 10/14 | 10/309
11. M_o_R interactive study guide mind map
Course introduction
See Appendix #2 for more mind maps from AXELOS Global Best Practice
M00 - Course introduction 11/14 | 11/309
13. About course author - Mirosław Dąbrowski
twitter.com/mirodabrowski
linkedin.com/in/miroslawdabrowski
google.com/+miroslawdabrowski
miroslaw_dabrowski
www.miroslawdabrowski.com
Mirosław Dąbrowski
Agile Coach, Trainer, Consultant
(former JEE/PHP developer, UX/UI designer, BA/SA)
Creator Writer / Translator Trainer / Coach
• Creator of 50+ mind maps from PPM and related
topics (2mln views): miroslawdabrowski.com
• Lead author of more than 50+ accredited materials
from PRINCE2, PRINCE2 Agile, MSP, MoP, P3O, ITIL,
M_o_R, MoV, PMP, Scrum, AgilePM, DSDM, CISSP,
CISA, CISM, CRISC, CGEIT, TOGAF, COBIT5 etc.
• Creator of 50+ interactive mind maps from PPM
topics: mindmeister.com/users/channel/2757050
• Product Owner of biggest Polish project
management portal: 4PM: 4pm.pl (15.000+ views
each month)
• Editorial Board Member of Official PMI Poland
Chapter magazine: “Strefa PMI”: strefapmi.pl
• Official PRINCE2 Agile, AgilePM, ASL2, BiSL methods
translator for Polish language
• English speaking, international, independent
trainer and coach from multiple domains.
• Master Lead Trainer
• 11+ years in training and coaching / 15.000+ hours
• 100+ certifications
• 5000+ people trained and coached
• 25+ trainers trained and coached
linkedin.com/in/miroslawdabrowski
Agile Coach / Scrum Master PM / IT architect Notable clients
• 8+ years of experience with Agile projects as a
Scrum Master, Product Owner and Agile Coach
• Coached 25+ teams from Agile and Scrum
• Agile Coach coaching C-level executives
• Scrum Master facilitating multiple teams
experienced with UX/UI + Dev teams
• Experience multiple Agile methods
• Author of AgilePM/DSDM Project Health Check
Questionnaire (PHCQ) audit tool
• Dozens of mobile and ecommerce projects
• IT architect experienced in IT projects with budget
above 10mln PLN and timeline of 3+ years
• Experienced with (“traditional”) projects under high
security, audit and compliance requirements based
on ISO/EIC 27001
• 25+ web portal design and development and
mobile application projects with iterative,
incremental and adaptive approach
ABB, AGH, Aiton Caldwell, Asseco, Capgemini, Deutsche Bank,
Descom, Ericsson, Ericpol, Euler Hermes, General Electric,
Glencore, HP Global Business Center, Ideo, Infovide-Matrix,
Interia, Kemira, Lufthansa Systems, Media-Satrun Group,
Ministry of Defense (Poland), Ministry of Justice (Poland),
Nokia Siemens Networks, Oracle, Orange, Polish Air Force,
Proama, Roche, Sabre Holdings, Samsung Electronics, Sescom,
Scania, Sopra Steria, Sun Microsystems, Tauron Polish Energy,
Tieto, University of Wroclaw, UBS Service Centre, Volvo IT…
miroslawdabrowski.com/about-me/clients-and-references/
Accreditations/certifications (selected): CISA, CISM, CRISC, CASP, Security+, Project+, Network+, Server+, Approved
Trainer: (MoP, MSP, PRINCE2, PRINCE2 Agile, M_o_R, MoV, P3O, ITIL Expert, RESILIA), ASL2, BiSL, Change Management,
Facilitation, Managing Benefits, COBIT5, TOGAF 8/9L2, OBASHI, CAPM, PSM I, SDC, SMC, ESMC, SPOC, AEC, DSDM Atern,
DSDM Agile Professional, DSDM Agile Trainer-Coach, AgilePM, OCUP Advanced, SCWCD, SCBCD, SCDJWS, SCMAD, ZCE 5.0,
ZCE 5.3, MCT, MCP, MCITP, MCSE-S, MCSA-S, MCS, MCSA, ISTQB, IQBBA, REQB, CIW Web Design / Web Development /
Web Security Professional, Playing Lean Facilitator, DISC D3 Consultant, SDI Facilitator, Certified Trainer Apollo 13 ITSM
Simulation …
M00 - Course introduction 13/14 | 13/309
16. 1. Introduction to risk management and M_o_R
2. M_o_R principles
3. M_o_R approach
4. M_o_R process
5. M_o_R roles
6. M_o_R perspectives
1. Strategic
2. Programme
3. Project
4. Operational
7. Embedding and reviewing M_o_R
8. M_o_R health check and maturity model
9. Risk specialisms
Agenda
Introduction to risk management and M_o_R
M01 - Introduction to risk management and M_o_R 2/21 | 16/309
17. Risk definition (according to M_o_R)
Risk
An uncertain event or set of events which,
should it occur, will have an effect on the
achievement of objectives
Risk is a combination of:
Probability of a perceived threat or
opportunity occurring, and magnitude of
its impact on objectives
Introduction to risk management and M_o_R
“Expect the best,
plan for the worst,
and prepare to be
surprised”
Dwight Eisenhower
M01 - Introduction to risk management and M_o_R 3/21 | 17/309
18. Risk management
Systematic application of principles, approach and processes to the
tasks of identifying and assessing risks, and then planning and
implementing risk responses
Introduction to risk management and M_o_R
Risk management (according to M_o_R)
M01 - Introduction to risk management and M_o_R 4/21 | 18/309
21. M_o_R consists of 4 components:
Principles (8)
Embed and review
Process (1)
Approach (a.k.a. documents) (9)
Applying these concepts in a systematic way enables
organisations to put in place an effective framework which
helps them take informed decisions regarding risks that
may affect their objectives
Introduction to risk management and M_o_R
M_o_R components
3M01 - Introduction to risk management and M_o_R 7/21 | 21/309
22. Risk related definitions (according to M_o_R) (1/2)
Threat (-)
An uncertain event that could have
a negative impact on objectives or
benefits
Opportunity (+)
An uncertain event that could have
a favourable impact on objectives or
benefits
Risk Exposure
The combined effect of risks to a set
of objectives
Introduction to risk management and M_o_R
4M01 - Introduction to risk management and M_o_R 8/21 | 22/309
23. Corporate Governance (according to M_o_R)
Corporate Governance
The ongoing activity of maintaining a
sound system of internal control by
which the directors and officers of
an organisation ensure that effective
management systems, including
financial monitoring and control
systems, have been put in place to
protect assets, earnings capacity
and the reputation of the
organisation
Introduction to risk management and M_o_R
Confederation of British Industry (CBI) definition:
“Systems by which companies are directed and controlled”
5M01 - Introduction to risk management and M_o_R 9/21 | 23/309
24. Corporate Governance - Responsibilities
Shareholders
Appoint directors and auditors
Board of Directors
Set strategic aims
Provides leadership
Supervise management
Reporting to shareholders
Audit committee
Support board and accounting
officer
Review comprehensiveness and
reliability of assurances
Introduction to risk management and M_o_R
M01 - Introduction to risk management and M_o_R 10/21 | 24/309
25. Internal Control - Factors to Consider
UK Guidance for Directors state that the
board’s deliberations should include the
consideration of the following factors:
Nature and extent of risks
Extent and categories of acceptable risks
Likelihood of risks
Company's ability to reduce the incidence and
impact on the business of risks that do
materialize
Costs of operating particular controls relative to
the benefit thereby obtained in managing the
related risks
It notes that internal audits must
cover all internal control systems,
not just financial controls
Introduction to risk management and M_o_R
6M01 - Introduction to risk management and M_o_R 11/21 | 25/309
26. The UK Corporate Governance Code
The UK Corporate Governance Code:
The board is responsible for determining the
nature and extent of significant risks it is willing
to take in achieving its strategic objectives, and
that the board should maintain sound risk
management and internal control systems and
review the effectiveness of these at least
annually
Board determines the nature and extent
of risks fading organisation and how much
risk it is willing to take to achieve its
strategic objectives
Board maintains risk management and internal
control systems
Board reviews the effectiveness at least annually
Introduction to risk management and M_o_R
5M01 - Introduction to risk management and M_o_R 12/21 | 26/309
27. Changes in risk management landscape in UK since 2002 (1st M_o_R edition)
Introduction to risk management and M_o_R
2002
•Sarbanes
Oxley
(USA)
2003
•HM Treasury -
The Green
book
2004
•Basel II
•COSO ERM
•HM Treasury -
The Orange
book
2008
•Credit
Crunch
2009
•ISO
31000
2010
•Basel III
2002
M_o_R
V1
2007
M_o_R
V2
2010
M_o_R
V3Sold 35,000+
copies of V3 in
over 70 countries
M01 - Introduction to risk management and M_o_R 13/21 | 27/309
28. Other standards and frameworks dedicated to (non-regulatory) Risk Management (selected)
Introduction to risk management and M_o_R
COSO
ERM
PMI-RMP
(qualification)
AS NZS
4360-1999
CAN-CSA-
Q850-97
IEEE Std
1540-2001
NIST SP
800-37
ISO/IEC
27005
ISO
31000
FERMA
OCTAVE
Allegro
OCEG GRC
Capability
Model
Risk IT
M01 - Introduction to risk management and M_o_R 14/21 | 28/309
29. Relationship with other AXELOS Global Best Practices
Introduction to risk management and M_o_R
8
Portfolio
management
Portfolio(s)
Office
Programme
management
Programme(s)
Office
Project(s)
Office
Project
management
Project
management
Project
management
ManagementofRisk(M_o_R)
ITIL
ManagementofValue(MoV)
RESILIA
M01 - Introduction to risk management and M_o_R 15/21 | 29/309
30. Relationship with other AXELOS Global Best Practices and Models
Introduction to risk management and M_o_R
11
The Portfolio,
Programme,
and Project
Management
Maturity
Model
(P3M3)
ITIL
Maturity
Model
(IMM)
ITILPortfolio,
Programme
and Project
Offices
(P3O)
Management
of Value
(MoV)
Management
of Risk
(M_o_R)
Best practice guides
AXELOS common glossary
PRINCE2
Maturity
Model
(P2MM)
Models
(MoP)
Management of Portfolios
(MSP)
Managing Successful Programmes
(PRINCE2)
PRojects IN Controlled Environments
Portfolio
Office
Programme
Office
Project
Office
RESILIA
M01 - Introduction to risk management and M_o_R 16/21 | 30/309
31. How M_o_R fits with other AXELOS Global Best Practice Guides
Introduction to risk management and M_o_R
P3O
MoP
MoV
MSPPRINCE2
ITIL
RESILIA
Maintaining IT services risk
level at appropriate levels
Helping in business
continuity and disaster
recovery activities
Providing risk management process, know
how, techniques to support offices
Aggregating risks at the
portfolio level
Giving clear picture of
global risks in the entire
organisation
Securing value options
with defining KPI and
EWIs
Securing capabilities delivery and
benefits realisation
Providing proactive risk management
process aligned with global
organisation risk management policy
Securing project health with defining
KPI and EWIs on project variables
Providing proactive risk management
process aligned with global
organisation risk management policy
Combining IT risk and cyber
security management
Providing risk management
process and techniques
M01 - Introduction to risk management and M_o_R 17/21 | 31/309
33. M_o_R in numbers (version 2010)
Introduction to risk management and M_o_R
1
4
8
1
9 8
6
27
1
1
Framework
Perspectives
Principles
Process
Products
Risk Response
Options
Roles
Techniques
Health Check
Maturity
Model
M01 - Introduction to risk management and M_o_R 19/21 | 33/309
34. Q&A
Introduction to risk management and M_o_R
M01 - Introduction to risk management and M_o_R 20/21 | 34/309
35. I hope you enjoyed
this presentation. If so,
please like, share and
leave a comment
below.
Endorsements on
LinkedIn are also
highly appreciated!
(your feedback = more free stuff)
MIROSLAWDABROWSKI.COM/downloads