Euro-training Center
 Operational Risk Management and Resilience RC1948 QR Code
Share   Like Download Brochure (PDF) Dates and locations

Operational Risk Management and Resilience



This course aims to help participants learn how to enhance the operational risk management and resilience capabilities of their organizations. In particular, we focus on how the recent COVID-19 disaster made plain the strategic weaknesses of most organizations insofar as withstanding and responding to surprises.

While the Covid pandemic was, by most accounts, unpredictable, the responses to it varied—often becoming the determining factor in whether an organization survived.

Operational Risk Management & Resilience Course addresses these concerns by making operational risk management a strategic, forward-looking undertaking that aims to constantly position and reposition the organization in light of changing internal and external challenges. This approach breeds resilience.

Course Objectives

At the end of this course, the participants will know about:

  • Identification of emerging risks
  • Risk networks rather than risk registers
  • Key elements of counter-terrorism measures and physical security
  • Implementing ORM: the invisible framework
  • Must-know about cyber security and threats
  • How to differentiate and address human errors
  • How to use root cause analysis most effectively
  • Influencing behaviors for better control
  • All best practices in operational risk management for financial companies
  • Risk Reporting and Conduct reporting
  • Building a framework for risk culture change
  • Leading KRIs framework for identification and design
  • Scenario analysis and assessment

Targeted Audience

  • Heads of Operational Risk
  • Enterprise Risk Managers
  • Operational Risk Managers
  • Operations Managers
  • Internal Auditors
  • HR officers
  • Compliance officers
  • Consultants
  • Regulators

Course Outline

Unit 1: Defining Modern Operational Risk

  • “Classic” notions and definitions
  • Modern understanding within COSO and ISO
  • Post-COVID demands on Operational Risk Management (ORM)
  • What we can learn from business continuity
  • Defining resilience
  • Roadmap for the course

Creating a post-COVID, ORM framework:

  • Investigating COSO ERM
  • Risk management must be practically related to performance and KPI management
  • Risk management involves new definitions, concepts and psychological notions
  • Risk management must be closely involved with strategy setting and execution
  • Risk management is not back-office and reactionary, but board-lead, head-office and forward-looking

Unit 2: Technical Aspects: Data

  • Creating an infrastructure for analyzing and managing operational threats:
  • Defining operational events
  • Managing data:
  • Centralized management of data and loss events
  • Decentralized Management of data and loss events
  • Mixture systems
  • Database development
  • Distinguishing between Loss databases and Event databases
  • Capturing Direct Losses
  • Indirect losses
  • Timing issues
  • Key Risk Indicators (KRIs) and Business environment and internal control factors (BEICFs)
  • Technical issues (if time permits)
  • Loss data collection thresholds
  • Potential fixes to reporting bias

Technical Aspects: Building in Business Continuity

  • Borrowing techniques from Business Continuity Management
  • Identifying impacts resulting from disruptions and disaster scenarios
  • Specifying techniques to quantify impacts
  • Establishing “criticality” and critical functions
  • Assessing impacts over time
  • Recovery Time Objective (RTO) and Recovery Point Objective (RPO)
  • Maximum tolerable outage (MTO)
  • Identifying interdependencies

Unit 3: Technical Aspects: Creating Resilience

  • Develop routines, simple rules, and improvisations
  • Analyze which tools you need to get different work done (or different critical functions up and running)
  • Question assumptions behind routines
  • Practice doing more with less
  • Deepen knowledge of how work fits in with the whole strategy
  • Investing building expertise
  • Identify priorities
  • Learn to give up control

Unit 4: Qualitative and Structural Aspects: Governance

  • Creating the board-led, governance structure
  • Chief Risk Officer and ORM head
  • Risk champions and risk analysts
  • 3 Lines and 4 Lines of Defence models
  • Defining roles for Board, Risk management, Management Team, Audit and Compliance

Qualitative and Structural Aspects: Risk Culture

  • Current risk culture must be re-examined
  • Defining “risk culture”
  • Importance in ORM
  • FSB Indicators of risk culture strength
  • Typical psychological factors in risk culture weakness: biases

Unit 5: Putting everything together

Basel Checklist:

  • Risk culture
  • Operational Risk Management Framework
  • Board of directors: implementation of operational risk management
  • Board of directors: risk appetite
  • Senior management
  • Identification and assessment of operational risks
  • Change management
  • Monitoring and reporting
  • Control and mitigation
  • ICT
  • Business continuity
  • Disclosure

Select training course venue