By the end of this training course, trainees will be able to :
- Understand key operational risk sound practice and link them to day-to-day practices.
- Identify the key components of an operational risk management framework.
- Explain the traditional three lines of defense and the allocation of risk responsibilities.
- Understand operational risk management tools, their purposes, and uses.
- Understand how to capture, report and investigate operational risk events.
- Develop key risk indicators (KRIS).
- Understand how to conduct various risk assessment methodologies including but not limited to Risk & control self-assessment (RCSA)
- Recognize how risk culture can assist the overall business and add value.
- Define and implement operational risk appetite.
- Describe the different categories of operational risk and explain how each type of risk can arise.
- Professionals working in:
- Risk .
- Regulatory compliance.
- Audit.
- Internal control units.
This area focuses on Operational Risk fundamentals including management and measurement tools and methodologies, in order to enable risk professionals to better understand and manage Operational risks across an organization, and conclude how effective Operational risk management impacts an organization’s risk culture and governance practices. The broad knowledge points covered in Operational Risk and Management include the following:
- Principles for sound operational risk management.
- Operational risk management tools & methodologies.
- Operational risk mitigation techniques.
- Analyzing and reporting operational risk data.
- Risk culture and Governance.
- Introduction to operational risk :
- Definition of operational risk and operational risk categories.
- Operational risk sound principals & leading practices.
- Example of operational risk failures – case studies.
- The risk management process:
- Risk identification/classification.
- Risk assessment and measurement.
- Risk mitigation.
- Risk monitoring and reporting .
- Risk governance:
- Three lines of defense.
- The GRC (governance, risk, and compliance) concept.
- Integrating with strategy.
- Reporting & monitoring.
- Operational risk appetite development:
- Quantitative & qualitative risk appetite.
- The heat map.
- Defining impact & probability scales.
- Interpretation.
- Practical exercises: developing, defining & interpreting a heat map.
- Operational risk management tools:
- Operational risk incident recording:
- Objectives of risk incident recording.
- Internal data collection and emerging risks identification.
- The importance of ‘lessons learned’ processes.
- Risk assessment:
- Risk assessment techniques and methodologies.
- The RCSA process.
- Risk assessment for new products, processes, and activities.
- Key risk indicators:
- Identifying key risks.
- Developing key risk indicators.
- Developing thresholds & monitoring frequencies.
- Action management:
- Risk mitigation techniques.
- Action development.
- Action monitoring & reporting.
- Practical exercises: risk self assessment exercise of a process / key risk indicators for a Process .
- Risk culture :
- Risk culture framework.
- Building a risk culture.
- Effective tools for assessing and managing risk culture.