2. management of operational risk Flashcards Preview

Flashcards in 2. management of operational risk Deck (7)
1
Q

What are the fundamental components of a firm's risk governance framework?

A
  • the governing body
  • the risk owners
  • those who fulfil risk oversight functions
  • those who fulfil risk assurance
2
Q

Do you understand how to distinguish operational risk as a discipline and as a function?

A
  • Responsibility for operational risk as a discipline falls on every single individual in a firm as an inherent part of their day-to-day responsibilities.
  • Essentially, operational risk as a function is located in the second line of defence, but a good operational risk manager or function will also be engaged in assisting and supporting the business to optimise its operational risk exposure management.
3
Q

What are the key aspects of the 3 lines of defence model?

A
  • The first line of defence, the risk owners, are the business line managers and any other business or front office staff responsible for managing risk, as well as support functions such as IT, HR and legal.
  • The second line of defence involves those who provide independent risk oversight over business processes and the proper implementation of the risk management policies and framework.
  • The third line, risk assurance, is truly independent of the other 2 lines. Strictly speaking, it comprises the internal audit function, which provides assurance to the governing body and senior management of the quality and effectiveness of the firm's governance, risk management, internal controls, systems and processes.
4
Q

What are the key topics included in a firm's operational risk policy?

A
  • purpose and scope of the policy
  • operational risk appetite
  • roles and responsibilities of personnel and functions
  • overview of the operational risk management framework and processes
  • Ethical and behavioural guidelines
  • Glossary of terms relating to operational risk.
5
Q

What are the indicators of robust and weak risk culture?

A
  • Leadership of the firm is committed to upholding and acting on the values and behaviours which it expects from everyone in the firm.
  • those values are clearly communicated.
  • clear roles and responsibilities
  • Reward which incentivises good behaviour and deters poor behaviour.
  • confidence in dealing with risk including appropriate challenge.
  • open communication up and down the firm so that bad news travels quickly to where decisions are required.
  • competence and training of those who are responsible for managing risk
  • appropriate resources allocated to the management of risk.
  • discouraging behaviours and incentives for employees to “game the system” and encouraging them to play by the rules.
6
Q

What is the “use test”?

A

It tests that tools and processes used for governance and regulatory purposes are embedded in the firm's wider risk governance framework and not developed or operated in a back room purely to satisfy regulatory needs.

7
Q

How should changes to the internal and external business environment be considered for the management of ops risk?

A

It is essential that the identification, assessment, monitoring and management of operational risk are continually performed. Overall, it is important that there is clarity about roles and responsibilities for change management and that they are aligned with the 3 lines of defence.