agenda
agenda
Meet our course tutor

Ariane Chapelle
Director
Chapelle Consulting
Dr, Ariane Chapelle, is Honorary Reader at University College London and is an internationally recognised trainer and consultant in Risk. She teaches at UCL 'Operational Risk Measurement for Financial Institutions’ and is a Fellow of the Institute of Operational Risk..
In 2019, the firm received the Risk.net Award for ‘Outstanding Achievement in the Year in Operational Risk’. She published at Wiley Finance Series the textbook Operational Risk Management: Best Practices in the Financial Services Industry, in December 2018 that rapidly became the No.1 best seller in its field and is now translated in French by Pearson France. In 2020, the book got elected “Book of the Year” by risk.net.
Dr. Chapelle founded and runs her adivsory and training practice in risk management, serving all sizes of financial organisations and international institutions, including central banks and UN agencies. She is a former holder of the Chair of International Finance at the University of Brussels with backgrounds in internal audit, credit risk and investment risk. She has been active in operational risk management since 2000 and was formerly head of operational risk management at ING Group and Lloyds Banking Group.
Advanced Operational Risk Management | Agenda
Agenda timing is in HKT/SGT
13:45 – 14:00
Registration
09:00 - 10:00
14:00 – 15:00
Risk Identification Tools and Emerging Risks
09:00 - 10:00
- Tools and techniques for risk identification
- Exposures and vulnerabilities
- The risk wheel
- Value drivers and reverse stress testing
- Risk register: a list
- Risk connectivity: network of risks
- World economic forum: risk map
- Emerging risks
- Class exercise: Identify the network of your top risks
15:00 – 16:00
Root causes analysis – the bow-tie
09:00 - 10:00
- Root cause analysis: tools and methods
- Benefits of root cause analysis: tracking the common failures and systemic patterns
- Treating causes over symptoms
- Bow-tie: an effective tool to define preventive, corrective controls and leading KRIs
- Risk likelihood and expected impact
- Class exercise: apply the bow-tie to one of your incidents and share the lessons learnt
16:00 – 16:15
Afternoon break
09:00 - 10:00
16:15 – 17:15
Implementing ORM: The invisible framework
09:00 - 10:00
- Governance of operational risk
- 1st line and 2nd line: the partnership model
- Use and reuse: the invisible framework
- Business value of ORM
- Workshop: build a business case for risk management
17:15 – 17:15
End of Day 1
09:00 - 10:00
13:45 – 14:00
Registration
09:00 - 10:00
14:00 – 15:00
Information security assessment and essentials of cyber protection
09:00 - 10:00
- Information security risk management framework
- Typology of information security risk
- Information assets inventory
- Risk assessments
- Control layering and key controls for information security risks
- Scenarios and quantification
15:00 – 16:00
Internal Controls: Human Error and Control Design
09:00 - 10:00
- Slips and mistakes: typology and causes of human errors (J Reason)
- HRA: human reliability analysis and other methods
- Understand and treat the causes of human error
- Effective or illusory controls
- Prevention by design
- Group work: Share your experience of the best and worst controls
16:00 – 16:15
Afternoon break
09:00 - 10:00
16:15 – 17:15
Risk reporting, conduct reporting and benchmarking your practices
09:00 - 10:00
- Modern issues on events and risk reporting: the regulator’s view
- Analysing operational risk data: get insight, tell a story
- Management information: the reporting cake
- Aggregate and escalate risk information: your options
- Conduct reporting: themes and details
- Highlights of best practice, group discussion and sharing of experiences
- Interactive maturity criteria for your ORM framework and use test, plus a priority list for starter firms
17:15 – 17:15
End of Day 2
09:00 - 10:00
13:45 – 14:00
Registration
09:00 - 10:00
14:00 – 15:00
Resilience, reputation and operational risk management for projects
09:00 - 10:00
- Regulatory highlights on operational resilience and the connections with an effective reputational risk management framework
- ORM policy for project management
- Project rating criteria
- Causes of project failure
- Essentials of project risk management
- Collaborations and benefits
15:00 – 15:15
Afternoon break
09:00 - 10:00
15:15 – 16:15
Implementing the Desired Risk culture: a method
09:00 - 10:00
- Defining risk culture
- Acting on behaviours: the influencer
- Necessary conditions: willingness and ability
- Risk culture: DESIRE steps – define, inspire, support, enable, reinforce, evaluate
- Assessing the risk culture
- Group work: plan your own culture change
- Wrap up: what have you learnt and how will you apply it
16:15 – 16:30
Course Wrap-up
09:00 - 10:00
- Q&A session for a practical anticipation
16:30 – 16:30
End of course
09:00 - 10:00