Practical approach to risk management in BCM

Professionally prepared training in key areas of risk management in Business Continuity Management (BCM), which will enable participants to learn best practices for building a business continuity system within an organization.

About the training

Practical training for individuals looking to expand their knowledge and acquire skills in the available risk assessment methods used in the area of business continuity.

The training is conducted in the form of lectures and workshops, ensuring the effective translation of new knowledge and skills into practical actions. We focus not only on delivering theoretical knowledge but, more importantly, on providing effective, practical methods, techniques, valuable experiences, and best practices. The training spans two days. During the training, key topics related to risk management and business continuity will be discussed.

The aim of the training

  • Identify best practices for building a business continuity management system within an organization.
  • Acquire knowledge and skills on available risk assessment methods applied in the area of business continuity.
  • Master the concepts and methods used in risk management processes.
  • Understand the mechanisms and logic behind managing risk processes in compliance with ISO 22301 standards.
  • Develop the ability to prepare documentation in line with the requirements of ISO 22301.

Training assumptions

The training is tailored to the participants based on:

  • Understanding the specifics of the company and current needs related to risk management.
  • Analysis of documents and information provided by the participants.
  • Results of conceptual work prepared by the participants between the training days.

Training language

The training is conducted in Polish.

Upon request, it is also possible to organize the training in English.

Training methodology

Achieving the desired training outcomes is possible by selecting both the appropriate topics and training methods tailored to the specific needs of the participants and the subject matter. Below we present the methods and techniques we use:

  • LECTURE
    We deliver knowledge to the participants using dedicated teaching materials, such as multimedia presentations. This serves as the theoretical foundation of the training, during which we introduce the topic, discuss key concepts, describe roles, processes, procedures, etc.
  • PRACTICAL EXAMPLES
    As practitioners, we base the training program on real-life events presented in relation to a specific problem. We help participants independently draw conclusions or find solutions. Our training is highly focused on practice and the development of participants’ skills.
  • DISCUSSION
    Participants express their opinions and share experiences. A well-structured discussion topic, involving at least two differing perspectives, typically generates significant emotional engagement. The discussion enables the development of a common solution or prepares arguments regarding the topic.
  • BRAINSTORMING
    In a short time, we generate numerous ideas and solutions for specific problems and situations. We engage participants, stimulate their thinking, and encourage creativity.
  • EXERCISES
    Practical tasks related to the training topic, such as creating a process, conducting a case study, etc. These exercises effectively complement the lecture and practical examples.
  • TESTS
    We assess participants’ knowledge and skills. We identify any competency gaps and plan the educational process to enhance the participants’ abilities. Depending on the training type, this may be done using various tools, such as knowledge tests or performance assessments.
  • SIMULATIONS
    These provide an excellent real-world experience, where participants actively engage and experience the consequences of their actions.
  • SUMMARY
    After completing each topic, we summarize the discussed material. This is done by the trainer and allows participants to revisit key issues related to the subject matter, giving them the opportunity to verify how well they have absorbed the content.

Trainer

Jacek Knopik
A graduate of Documentation Management at Adam Mickiewicz University in Poznań. He is an authorized representative and internal auditor for information security management systems, quality management systems, environmental management systems, and health and safety systems. He is an expert in risk management in the areas of information security, GDPR, quality management, business continuity, and internal control. Jacek is also a consultant, implementer, trainer, and software tester for risk management solutions. He has been responsible for implementing operational risk management systems compliant with ISO 31000 in business organizations, including Allegro, CCC, and Kraków Balice Airport. He has managed numerous implementation projects related to ISO 27001, ISO 22301, and the requirements of the Critical Infrastructure Protection Act. For the past three years, he has been a trainer, delivering the Risk Manager ISO 31000 training program. Additionally, Jacek has over five years of experience in local government administration, focusing on documentation management, processes, internal control, and the implementation of IT systems.

Offline training

Training program

Day 1
9:00 - 16:00

  • Welcome to the training session
  • Introduction to the scope of the training.
  • Overview of the rules for participation and the final test.
  • Agreement on the format of the training (workshops, lectures, exercises, case discussions).
  • Introduction to Risk Management
  • Benefits of risk management.
  • Challenges in managing risks and common reasons for system implementation failures.
  • Risk Management Standards and Models
  • Examples of best practices.
  • Requirements of ISO 22301 and practical guidance on risk assessment.
  • Discussion with participants
  • Review of the existing risk management methodology in their organization and its intended goals.
  • Workshops on the Risk Management Process:
  • Process-oriented approach to risk management.
  • Identification of threats.
  • Assessing resource availability.
  • Risk identification.
  • Risk analysis.
  • Documenting the Risk Management Process
  • Documentation requirements and practical tips for preparing documents.
  • Presentation and analysis of selected methodologies.
  • Review of the risk assessment sheet.
  • Questions and Discussion

Day 2
9:00 - 16:00

  • Presentation of Participants’ Conceptual Work
  • Consultations on Developed Solutions:
  • The importance of changes in the context of ISO 22301 requirements.
  • Inclusion of other areas of risk management within the organization in relation to business continuity.
  • Analysis of adopted solutions in terms of risk identification and assessment standards.
  • Presentation of Principles and Methods of Risk Evaluation:
  • Prioritization and handling of the most critical risks.
  • Workshops:
  • Optimization of existing documentation and recommendations for future improvements and actions.
  • Best Practices and Recommendations within the Business Continuity Management System.
  • Questions and Discussion:
  • Consultations on all discussed elements.
  • Proposals for further actions to improve the system

The price of the training

The price per participant: 1700.00 PLN (net).

Terms of participation

Price

The price of the training covers the service of granting the right to participate in a two-day training for one participant. It includes training materials, a certificate, coffee breaks, and lunch during the training. The price does not include accommodation.

Payment must be made based on the correctly issued VAT invoice within 14 days from the invoice receipt date to the bank account of the organizer specified on the invoice.

Conditions

Confirmation of acceptance of the application will be sent to the email address provided in the registration form.

The organizer reserves the right to cancel the course. In the event of course cancellation by the organizer, participants will receive a full refund of the course fee. Written withdrawal of the participant’s registration at least 10 working days before the training date is subject to a fee of 30% of the training price. Written cancellations submitted less than 10 working days before the training date will incur a 100% fee of the training price.

The training price listed in the training schedules is net, and the applicable VAT rate must be added.

The person/organization registering for the training authorizes PBSG SA, based at Szyperska 14, Poznań, to process the personal data provided for the purpose of fulfilling the order.

To participate in the training, the registration form must be completed.

Submitting the application means acceptance of the participation terms and consent to the processing of the personal data of the registered participants by PBSG SA for the purpose of fulfilling the order and for promotional and marketing activities conducted by PBSG SA.

Organizational information

Registration for the In-Person Training

Fill out this form if you want to participate in the Open On-site Training. If you are interested in online participation, register here: Online Training Registration Form.

It is possible to organize a closed training session tailored to your individual needs—send an inquiry and receive a quote.

Submitting the registration form indicates acceptance of the terms of participation.

Online training

Training program

Day 1
9:00 - 16:00

  • Training Program:
  • Welcome & Introduction
  • Introduction to the training agenda and objectives
  • Explanation of participation rules and final test
  • Agreement with participants on the training format (workshop, lecture, exercises, case discussions)
  • Introduction to Risk Management
  • Understanding the benefits of risk management
  • Challenges in managing risk and the most common reasons for failures in system implementation
  • Risk management standards and models as examples of good practices
  • ISO 22301 requirements and practical tips for risk assessment
  • Discussion on Existing Risk Management Methodology
  • Review of the current risk management methodology used in the participants’ organization
  • Clarification of assumptions and requirements to meet organizational objectives
  • Workshops on the Risk Management Process
  • Process approach to risk management
  • Risk identification techniques
  • Resource availability assessment
  • Risk identification methods
  • Risk analysis and evaluation
  • Documenting the Risk Management Process
  • Documentation requirements for risk management
  • Practical tips for creating relevant documentation
  • Presentation and analysis of selected risk management methodologies
  • Analysis of the risk assessment sheet
  • Questions & Discussion
  • Open forum for questions and discussions about risk management approaches
  • Addressing any doubts or challenges participants are facing in their organizations
  • Sharing experiences and solutions for better risk management processes

Day 2
9:00 - 16:00

  • Presentation of conceptual works of participants Consultations regarding developed solutions:
  • The essence of changes in the context of ISO 22301 requirements.
  • Inclusion of other areas of risk management in the organization in the context of business continuity.
  • Analysis of adopted solutions in relation to risk identification and assessment standards.
  • Presentation of principles and methods for risk evaluation (prioritization and dealing with the most significant risks).
  • Workshops – optimization of existing documentation and recommendations for future and further actions.
  • Good practices and recommendations within the Business Continuity Management System.
  • Questions and discussion:
  • Consultations regarding all discussed elements.
  • Proposals for further actions to improve.

Training fee

Price per participant: 1700.00 PLN net

Terms of participation

Price

The training price covers the service of granting the right for one participant to attend a two-day training session.

Payment shall be made based on a correctly issued VAT invoice within 14 days from the invoice receipt date, to the organizer’s bank account specified on the invoice.

Terms and Conditions

Confirmation of registration will be sent to the email address provided in the registration form.

The organizer reserves the right to cancel the course. In case of cancellation by the organizer, participants will receive a full refund of the course fee. A written withdrawal of a participant’s registration at least 10 business days before the training start date will incur a fee of 30% of the training price. A written cancellation submitted less than 10 business days before the training start date will result in a charge of 100% of the training price.

The training price listed in the training schedules is a net price and must be increased by the applicable VAT rate.

The person/organization registering for the training, by granting this consent, authorizes PBSG SA, with its registered office in Poznań at Szyperska 14, to process the provided personal data for order fulfillment purposes.

To participate in the training, a registration form must be completed.

Submitting the registration constitutes acceptance of the participation terms and consent for PBSG SA to process the personal data of registered participants for order fulfillment, as well as for the promotion and marketing of PBSG SA’s activities.

Organizational information

Organizational Information

Online training participants will receive access to the training platform. On the training day, participants must log in to the platform. The training will start at the scheduled time. During the session, the screen will be divided into three sections: presentation, trainer, and chat. Communication during the training takes place via chat.

Technical Requirements:

  • Hardware requirements: A computer with Internet access, a minimum 1.6GHz processor, and at least 4GB of RAM.
  • Browser: The latest version of Chrome, Mozilla Firefox, or Safari.

Training Quality

The training is conducted in accordance with the Training Services Quality Standards Manual.

Registration for the online training

Fill out this form if you want to participate in the online training. If you are interested in on-site participation, register here: Offline Training Registration Form.

It is possible to organize a closed training session tailored to your individual needs—send an inquiry and receive a quote.

Submitting the registration form indicates acceptance of the terms of participation.

Internal training

Exclusively Dedicated to Your Organization – This approach ensures comfort and flexibility, allowing for a detailed discussion of specific topics and situations within your organization. We understand that every company is unique, so to effectively apply the acquired knowledge to your organization, we tailor the presented examples to your specific needs and business context.

Training program

Day 1
9:00 - 16:00

  • Welcome and Introduction
  • Presentation of the training scope
  • Discussion of participation rules and final test
  • Agreement on the training format with participants (workshop, lecture, exercises, case study discussion)
  • Introduction to Risk Management
  • Benefits of risk management
  • Challenges in risk management and common reasons for implementation failures
  • Risk Management Standards and Models as Best Practices
  • ISO 22301 requirements and practical guidelines for risk assessment
  • Discussion of existing risk management methodologies within participants’ organizations and their key assumptions
  • Workshop Series on the Risk Management Process
  • Process-based approach to risk management
  • Threat identification
  • Assessment of resource availability
  • Risk identification
  • Risk analysis
  • Documenting the Risk Management Process
  • Documentation requirements and practical guidelines for development
  • Presentation and analysis of selected methodologies
  • Review of the risk assessment worksheet
  • Q&A and Discussion

Day 2
9:00 - 16:00

  • Presentation of Participants’ Conceptual Work
  • Consultations on Developed Solutions:
  • The essence of changes in the context of ISO 22301 requirements
  • Integration of other risk management areas within the organization in the context of business continuity
  • Analysis of adopted solutions concerning risk identification and assessment standards
  • Principles and methods for risk evaluation (prioritization and handling of critical risks)
  • Workshops:
  • Optimization of existing documentation
  • Recommendations for future improvements and further actions
  • Best Practices and Recommendations in Business Continuity Management
  • Q&A and Discussion:
  • Consultations on all discussed elements
  • Suggestions for further improvement actions

How does it work?

Step 1

APPLCATION

In the first step, complete the registration form to express your interest in organizing a dedicated training session for your company.

Step 2

DATE

We will set the date and location for the training – we will adapt to your availability and individual expectations.

Step 3

PRICE

We will present the commercial terms for organizing the training based on the agreed parameters and the number of participants.

Step 4

TRAINING

We will conduct the dedicated training in accordance with the agreed terms.

Ask for a quote for an internal training session

Check the program of other trainings

Training

NIS2 training for boards of directors

Learn more
Training

DORA: Fundamentals, Risk Management, and Organizational Preparation

Learn more
Training

Training on the requirements of the NIS2 Directive

Learn more

What do we do?

Information security

We help protect the key informational assets of your organization.

Check here

IT Security

We will enhance the resilience of your network and infrastructure against cyberattacks.

Check here

Personal data security

We enhance the level of personal data protection in your organization.

Check here

Cybersecurity

We conduct a threat assessment for your organization and help create a personalized cybersecurity plan.

Check here

Management control

We assist public entities in formulating goals, tasks, and conducting risk analysis.

Check here

Risk management

We offer comprehensive services in designing and implementing risk management systems.

Check here

Business continuity management

We will strengthen your organization’s resilience and prepare you for managing crisis situations and business continuity.

Check here

IT services management

We will build a set of principles and practices for delivering your IT services to end users.

Check here

erisk

Comprehensive risk management software. An efficient way to manage risk without spreadsheets.

Check here