Day One

• “Classic” notions and definitions
• Modern understanding within COSO and ISO
• Post-COVID demands on Operational Risk Management (ORM)
• Surveys and feedback
• What we can learn from business continuity
• Defining resilience
• Roadmap for the course

• Investigating COSO ERM
• Key areas of emphasis:
• Risk management is not back-office and reactionary, but board-lead, head-office and forward-looking
• Risk management must be closely involved with strategy setting and execution
• Risk management involves new definitions, concepts and psychological notions
• Risk management must be practically related to performance and KPI management

• Scope must be defined by board and executive concerns
• Review of surveys on concerns:
• Growth
• Responsiveness to threats and resilience
• Handling emerging risks
• Enhancing competitiveness

• Dynamic notions of risk and performance introduced
• Using the COSO ERM Process Steps for ORM
• Establishing the strategic context
• Cascading strategic performance
• Identification of key risks and key risk indicators (KRIs)
• Quantifying KRIs and Key Risks
• Integrating and understanding impacts
• Direct and Indirect operational events
• Behavioural and environmental indicators and factors: Stress Testing
• Ranking and developing a strategy for managing operational risks
• Remedies
• Monitoring Risks

Day Two

• Creating an infrastructure for analyzing and managing operational threats:
• Defining operational events
• Managing data:
• Centralized management of data and loss events
• Decentralized Management of data and loss events
• Mixture systems
• Database development
• Distinguishing between Loss databases and Event databases
• Capturing Direct Losses
• Indirect losses
• Timing issues
• Key Risk Indicators (KRIs) and Business environment and internal control factors (BEICFs)
• Technical issues (if time permits)
• Loss data collection thresholds
• Potential fixes to reporting bias

• Borrowing techniques from Business Continuity Management
• Identifying impacts resulting from disruptions and disaster scenarios
• Specifying techniques to quantify impacts
• Establishing “criticality” and critical functions
• Assessing impacts over time
• Recovery Time Objective (RTO) and Recovery Point Objective (RPO)
• Maximum tolerable outage (MTO)
• Identifying interdependencies

• Develop routines, simple rules and improvisations
• Analyze which tools you need to get different work done (or different critical functions up and running)
• Question assumptions behind routines
• Practice doing more with less
• Deepen knowledge of how work fits in with whole strategy
• Investing building expertise
• Identify priorities
• Learn to give up control

Day Three

• Creating the board-led, governance structure
• Chief Risk Officer and ORM head
• Risk champions and risk analysts
• 3 Lines and 4 Lines of Defence models
• Defining roles for Board, Risk management, Management Team, Audit and Compliance

• Current risk culture must be re-examined
• Defining “risk culture”
• Importance in ORM
• FSB Indicators of risk culture strength
• Typical psychological factors in risk culture weakness: biases

1. Risk culture
2. Operational Risk Management Framework
3. Board of directors: implementation of operational risk management
4. Board of directors: risk appetite
5. Senior management
6. Identification and assessment of operational risks
7. Change management
8. Monitoring and reporting
9. Control and mitigation
10. ICT
11. Business continuity
12. Disclosure

Day Four

Our Tailored Learning Offering

Do you have five or more people interested in attending this course? Do you want to tailor it to meet your company’s exact requirements? If you’d like to do either of these, we can bring this course to your company’s office. You could even save up to 50% on the cost of sending delegates to a public course and dramatically increase your ROI.

If you want to run this course at a location convenient to you or if you want a completely customised learning solution, we can help.

We produce learning solutions that are completely unique to your business. We’ll guide you through the whole process, from the initial consultancy to evaluating the success of the full learning experience. Our learning specialists ensure you get the maximum return on your training investment.

We have a combined experience of over 60 years providing learning solutions to the world’s major organisations and are privileged to have contributed to their success. We view our clients as partners and focus on understanding the needs of each organisation we work with to tailor learning solutions to specific requirements.

We are proud of our record of customer satisfaction. Here is why you should choose us to help you achieve your goals and accelerate your career:

• Quality – our clients consistently rate our performance ‘excellent’ or ‘outstanding’. Our average overall score awarded to us by our clients is nine out of ten.
• Track record – 10/10 of the world’s largest banks have chosen us as there training provider and we have delivered training across the largest banks and have trained over 25,000 professionals.
• Knowledge – our 100+ strong team of industry specialist trainers are world leading financial leaders and commentators, ensuring our knowledge base is second to none.
• Reliability – if we promise it, we deliver it. We have delivered over 25,000 events both in person and online, using simultaneous translation to delegates from over 99 countries.
• Recognition – we are accredited by the British Accreditation Council and the CPD Certification Service. In an independent review by Feefo we scored 4.2/5 on service and 4.7/5 on Coursecheck