Operational Risk Management
This course covers the most topical elements of operational risk management and its challenges for the financial services industry. It is a must-have for all operational risk practitioners wishing to benchmark their practices. It is also an opportunity for newcomers to gain a comprehensive overview what modern operational risk managers need to know. Delegates will leave the course equipped with a new network of practitioners, a wealth of content, additional references and readings, and an open line for further questions with the training delivery team.
· Identify emerging risks
· Risk networks rather than risk registers
· Explain the key elements of counter-terrorism measures and physical security
· Implementing ORM: the invisible framework
· Know about cyber security and threats
· Differentiate and address human errors
· Use root cause analysis most effectively
· Apply Influencing behaviors for better control
· Understand the best practices in operational risk management
· Learn about risk reporting and conduct reporting
· Building a framework for risk culture change
· Leading KRIs framework for identification and design
· Scenario analysis and assessment
Risk identification tools and emerging risks
· Tools and techniques for risk identification
· Risk register: a list
· Risk connectivity: network of risks
· World economic forum: risk map
· Emerging risks
Implementing ORM: the invisible framework
· Governance of Operational Risk
· 1st line and 2d line: The partnership model
· Use and reuse: The Invisible Framework
· Business value of ORM
Risk reporting and Conduct reporting
· Modern issues on events and risk reporting: the regulator’s view
· Analyzing operational risk data: get insight, tell a story
· Management information: the “reporting cake”
· Aggregate and escalate risk information: your options
· Conduct reporting: themes and details
Implementing the Desired Risk Culture: a method
· Defining Risk Culture
· Acting on behaviours: the Influencer
· Necessary conditions: willingness and ability
· Risk Culture: DESIRE steps: Define, Inspire, Support, Enable, Reinforce, Evaluate
· Assessing the risk culture
Defining Risk Appetite statements and tolerance limits
· Industry guidance on Risk Appetite
· Risk appetite, tolerance, risk limits and controls
· Templates and options for actionable Risk Appetite
· Risk Appetite Statements: Features and Examples
· Cascading Risk Appetite: RCSA & Indicators
· KRI and risks limits
Internal Controls: Human Error and Control Design
· Slips and mistakes: Typology and causes of human errors
· HRA: Human Reliability Analysis and other methods
· Understand and treat the causes of human error
· Effective or Illusory controls
· Prevention by Design
Root causes analysis
· Root cause analysis: tool and method
· Benefits of root cause analysis:
· Treating causes over symptoms
· Bow-tie: a most effective tool to define:
– Preventive and corrective controls
– Leading KRIs
– Risk likelihood and expected impact
· Features and types of leading KRIs
· Features of leading KRIs
· KRI, KPI, KCI: definitions and uses.
· A typology of Key Risks indicators
Cyber threats and information security
· Cyber threat landscape
· An old emerging risk
· Key controls in cyber security
· Physical and behavioural measures
· Priorities in prevention
Lessons learnt from some incidents
Scenario Analysis: Governance, Stress testing and Assessment methods
· Four dimensions of stress-testing
· Steps and governance of scenario analysis
· Tackling behavioral biases in scenario assessment
· Industry practices and lists of scenarios
· Assessing probabilities of rare events
· Acting on Scenario Analysis
Reorganisation risk and project management
· Risk due to changes and reorganisations
· The trap of cost-cutting
· Invisible opportunity costs
Heads of Operational Risk, Risk Managers, Operational Risk Managers, Operations Managers, Internal Auditors, HR officers, Compliance officers and Consultants.