Documente Academic
Documente Profesional
Documente Cultură
Key
Health
Suppliers / System Property &
&
Outsource failures Facilities
Safety
Partners
Key person
External threats
dependencies
Historic Positioning of Op Risk & BCM
• Focus on “traditional” business continuity – denial of
access to premises, or loss of systems
• BCM and Operational Risk seen as separate entities
Operational
BCM
Risk
Synergies between the two
Stakeholders Framework Intended
Components Outcome
Board Policy & Understanding
Procedures of appetite
Executive & Senior Supporting Proactive
Management documents assessment
Operational Plans & Training Understanding
Management of impact
Other Considerations
Impact on Capital Impact on Change Insurance
Operational Risk – Integrated Approach
Busi
Contro Operat
ness Insu
Operational l Self- ional
Cont ranc
Risk Asses Risk
inuit e
sment Capital
y
Operational Risk – Integrated Approach
Busi
Contro Operat
ness Insu
Operational l Self- ional
Cont ranc
Risk Asses Risk
inuit e
sment Capital
y
Busi
Contro Operat
ness Insu
Operational l Self- ional
Cont ranc
Risk Asses Risk
inuit e
sment Capital
y
Assess controls
• CSA process
• Review control weaknesses
• Track actions
• Link control evidence to risks
• Review incidents as evidence of control failures
Operational Risk – Integrated Approach
Busi
Contro Operat
ness Insu
Operational l Self- ional
Cont ranc
Risk Asses Risk
inuit e
sment Capital
y
Busi
Contro Operat
ness Insu
Operational l Self- ional
Cont ranc
Risk Asses Risk
inuit e
sment Capital
y
Risk transfer
• Placement
• Claims Handling
• Specific perils e.g. Buildings/Contents, Business
Interruption Insurance
• Advice & Guidance
Operational Risk – Integrated Approach
Busi
Contro Operat
ness Insu
Operational l Self- ional
Cont ranc
Risk Asses Risk
inuit e
sment Capital
y
Change agenda
Scenarios
Suppliers &
Core Critical Reporting
Colleagues Facilities Outsource
Processes Systems
Partners
Change agenda
Scenarios
Suppliers &
Core Critical Reporting
Colleagues Facilities Outsource
Processes Systems
Partners
Crisis
Management
Team
Escalate Cascade
up Incident Management down
Teams
Business
Operations IS
Co-ordinator Co-ordinator
Incident
Management
Team Leader
Comms
Information
Co-ordinator
Co-ordinator
Site Facilities
& Security
Integrated Approach
Operational
BCM
Risk
Incident
Risk Management
Assessments Capability
Tangible exercising
Conclusions
• An effective, and consistent framework
• Can be used to define overall risk appetite at Board level
• Practical considerations – both areas need policies &
procedures
• Simple for the business
• Aligned to business processes
• Crucial that it’s accepted from a cultural perspective within the
newly merged organisation
• Potential to drive efficiencies and cost-savings
Thank You