Qualification details
advertisement
Qualification details Title New Zealand Certificate in Organisational Risk and Compliance (Level 4) Version 1 Qualification type Certificate Level 4 Credits 60 NZSCED 080317 Quality Management DAS classification Business > Business Operations and Development > Organisational Direction and Strategy Qualification developer The Skills Organisation Next review December 2018 Approval date March 2015 Strategic purpose statement The purpose of this qualification is to provide people who are working in, or who wish to work in, the risk and compliance area skills and knowledge to support the operation of effective organisation-wide risk and compliance management systems. This qualification is designed to build and improve businesses through management of risk, compliance with relevant laws and codes and, through ethical practices and governance to meet community expectations. Graduates will be capable of working within established risk and compliance frameworks under the supervision, guidance and direction of a Risk and Compliance Manager. Graduate profile Graduates will be able to: 1 2 3 4 Outcome Statement 5 Qualification Reference 2609 © New Zealand Qualifications Authority 2014 6 7 Apply the fundamental processes of risk and compliance frameworks in an organisation to routine activities as a risk and compliance practitioner. Operate with understanding of processes, risks, and controls. Implement tests, review actions and evaluate findings. Undertake tasks associated with operational risk and compliance management frameworks and systems. Contribute to the development of policies, procedures, mitigation actions and controls, testing their effectiveness, and where appropriate recommending improvements. Assess events and issues for significance; recommend management options, monitor implementation of selected option(s); compile information to assist identification of trends. Promote adherence to organisational requirements; provide advice, support, and education and training on risk and compliance requirements. Perform baseline research and information gathering to allow identification of emerging trends and issues to maintain personal and organisational competency. Page 1 of 7 8 Communicate with relevant stakeholders (including management and staff) in a manner that is appropriate for the nature of the information and the audience. Education pathway Graduates of this qualification may pathway on to the New Zealand Diploma in Risk and Compliance (Level 6). Employment pathway Graduates of this qualification may be qualified to work as a practitioner in the risk and compliance field. Example of roles include: risk adviser, risk analyst, risk practitioner, compliance analyst, risk and compliance adviser, or other roles that support audit and assurance. Qualification specifications Qualification award The candidate shall be awarded the qualification by the accredited Tertiary Education Organisation (TEO) approved to deliver the programme leading to the qualification, ITO’s that arrange training leading to the qualification and education providers accredited to deliver programmes leading to the qualification The formal document certifying the award of this qualification includes the full qualification title, the NZQF reference number, and the date of issue and/or award. The formal document certifying the award of this qualification will display the NZQF logo and may also include the name and/or logo of the awarding education organisation and/or qualification developer. Until NZQA’s records systems reflect the award of all New Zealand qualification, as the qualification developer The Skills Organisation will maintain a list of graduates of this qualification. The TEO will annually report the names of all graduates awarded the qualification to The Skills Organisation and this information will be passed to NZQA in the future. Evidence requirements for assuring consistency All Tertiary Education Organisations (TEOs) offering this qualification (either arranging training or delivering programmes) must participate in the Consistency Review. TEOs are to seek feedback from the risk and compliance sector regarding their graduates meeting the qualification graduate profile outcomes. Evidence may come from: Regular monitoring of trainee progression within either the TEO or the workplace including liaising with employers, teaching staff, training supervisors, and industry managers about the value of the training, graduates, and qualification to the business. Feedback from relevant industry or practitioner organisations such as Risk NZ; Governance, Risk, and Compliance Institute; Institute of Internal Auditors, to ensure their members involved in the risk and compliance sector are Qualification Reference 2609 © New Zealand Qualifications Authority 2014 Page 2 of 7 satisfied with the qualification graduates. Regular cross-industry meetings (Industry Advisory Groups) where the changing training needs of the industry can be discussed in light of technology changes, workplace practices, and graduate capabilities. Independent surveys of graduates and employers to determine if the graduates are appropriate for the workplace. Providing an alignment matrix of programme outcomes or unit standards against the qualification outcomes. The evidence should be collated in to a high level report using the consistency template that answers the key evaluation question and is presented at the consistency event to show how the graduates meet the graduate profile. Guidelines for managing consistency are available and should be referred to on the NZQA website. Credit transfer and recognition of prior learning arrangements TEOs delivering programmes that lead to award of this qualification may transfer credit and recognise prior learning in accordance with their own credit recognition policies and procedures. These policies and procedures, and information about associated fees, must be available to the applicant prior to enrolment. To facilitate credit transfer, education organisations must clearly demonstrate the equivalency or comparability between each of the outcomes in the graduate profile, and the assessment components of their programmes. Credit transfer will be automatic where standards on the Directory of Assessment Standards are used within programmes of study or training leading to this qualification. Minimum standard of achievement and standards for grade endorsements The minimum standard of achievement required for the award of the qualification will be: Entry requirements (including prerequisites to meet regulatory body or legislative requirements) None – achievement of all graduate outcomes in the graduate profile through successful completion of an approved programme. Qualification conditions Overarching conditions relating to the qualification Conditions for programme None structure Conditions for programme context None Qualification Reference 2609 © New Zealand Qualifications Authority 2014 Page 3 of 7 Other conditions Tertiary Education Organisations (TEOs) offering programmes leading to this qualification must maintain currency with amendments to, and replacements of, relevant legislation, regulations, government departments, and Australian/New Zealand/International Standards. In order that programmes have a global perspective, it is expected that they align with and promote the principles contained in: ISO 19600:2014 Compliance Management Systems – Guidelines ISO 31000:2009 Risk Management – Principles and guidelines Definitions Risk and compliance management systems support an organisation’s ability to demonstrate its commitment to the identification and management of risk and compliance with relevant laws and codes, as well as governance, ethical and community expectations Risk – effect of uncertainty on organisational objectives. Events and issues – include but are not limited to the probability and impact of risks, breaches, and near misses. Specific conditions relating to the Graduate profile Qualification outcomes Conditions Mandatory 1 Mandatory Apply the fundamental processes of risk and compliance frameworks in an organisation to routine activities as a risk and compliance practitioner Programme and assessment will include Awareness of organisational governance, risk, and compliance requirements, including: • Corporate Governance – the way in which the organisation is directed and controlled. • Organisational structure and function, including roles and responsibilities. • Understanding of organisational objectives and the role of risk and compliance management in supporting those objectives. • The risk framework: proactive identification, application of risk assessment criteria, mitigation, and reporting. • Understanding the applicable risk and compliance standards (laws, regulations, codes, and standards) and their requirements that contributes to the risk and compliance framework. • Understanding that Internal Board/Executive driven obligations contribute to the framework. • Application of risk assessment criteria. 5 Credits Qualification Reference 2609 © New Zealand Qualifications Authority 2014 Page 4 of 7 2 Operate with understanding of processes, risks, and controls. Implement tests, review actions and evaluate findings Programme and assessment will include • Control, audit and behavioural mechanisms to ensure compliance with standards. 10 Credits • Risk identification, analyses and mitigation. Mandatory Implementation of tests Complete tests of control(s). Complete risk reviews. Compile template reports. 3 Undertake tasks associated with operational risk and compliance management frameworks and systems 10 Credits Programme and assessment will include Mandatory Undertaking tasks associated with an organisational risk and compliance management programme giving due consideration to the nature of responses and whether further information is required. Tasks may include but are not limited to: 4 • Investigating anomalies and noncompliances, recording findings. • Completing assessments and reviews/audits. • Identifying risks by use of techniques such as risk interviews and Facilitating risk workshops. • Identifying and assessing risks and guiding development of risk mitigation actions. • Completing compliance reviews. • Completing baseline audits and assurance reviews for the risk and compliance system/framework. Contribute to the development of policies, procedures, mitigation actions and controls, testing their effectiveness, and where appropriate recommending improvements. Programme and assessment will include • How policies and procedures fit in the risk and compliance framework. 5 Credits • How policies, procedures, and their associated controls are constructed, approved and published. • How to support the establishment and development of policies, procedures, and controls. Qualification Reference 2609 © New Zealand Qualifications Authority 2014 Mandatory The proactive nature of risk and compliance and the benefits to continuous improvement including: Page 5 of 7 5 • Mitigation actions and controls for risks. • Development of controls to reduce risk and ensure compliance. • Testing of risk mitigation and control actions. • The process for recommending actions for improvements. Select standard and non-standard processes to assess events and issues for significance; recommend management options, monitor implementation of selected option(s); compile information to assist identification of trends. Programme and assessment will include 10 Credits Application of risk assessment criteria to identified events to prioritise responses. Mandatory Significance (quantitatively and qualitatively) and cost versus benefit in relation to an organisation’s size, scale and culture. Completion of risk and compliance reports (breach logs, compliance registers, risk registers). Compilation of information in a format which allows it to be analysed to identify trends. Recommending risk mitigation actions to management. 6 Promote adherence to organisational requirements; provide advice, support and education and training on risk and compliance requirements Programme and assessment will include 5 Credits • Manuals and instructions. • Interdependencies and separations between roles. • Available supporting technologies. Mandatory Supporting the development of organisational and training programmes for staff to: Raise awareness of: Promoting a culture of risk awareness and reporting on identified issues. Disseminating information about risk and control programmes using appropriate media. 7 Perform baseline research and information gathering to allow identification of emerging trends and issues to maintain personal and organisational competency. 10 Credits Programme and assessment will include Mandatory Techniques for researching technological changes and legislative imperatives, environmental conditions, emerging risk issues, changes to industry sector practice and recognised industry best practice. Identifying and extracting emerging risks, issues, and events. Identifying better practice models. Qualification Reference 2609 © New Zealand Qualifications Authority 2014 Page 6 of 7 8 Communicate with relevant stakeholders (including management and staff) in a manner that is appropriate for the nature of the information and the audience. Programme and assessment will include 5 Credits Communicating information clearly and concisely both verbally and in writing in a form appropriate to the audience and the nature of the information. Mandatory Preparing reports at a professional level. Communicating and escalating information relating to risks, issues, and events. Maintaining and updating reference resources and material. Qualification Reference 2609 © New Zealand Qualifications Authority 2014 Page 7 of 7
