agenda

agenda

Download agenda here

Meet our course tutor

Thumbnail
Ariane Chapelle

Director

Chapelle Consulting

Dr, Ariane Chapelle, is Honorary Reader at University College London and is an internationally recognised trainer and consultant in Risk. She teaches at UCL 'Operational Risk Measurement for Financial Institutions’ and is a Fellow of the Institute of Operational Risk..

In 2019, the firm received the Risk.net Award for ‘Outstanding Achievement in the Year in Operational Risk’. She published at Wiley Finance Series the textbook Operational Risk Management: Best Practices in the Financial Services Industry, in December 2018 that rapidly became the No.1 best seller in its field and is now translated in French by Pearson France. In 2020, the book got elected “Book of the Year” by risk.net.

Dr. Chapelle founded and runs her adivsory and training practice in risk management, serving all sizes of financial organisations and international institutions, including central banks and UN agencies. She is a former holder of the Chair of International Finance at the University of Brussels with backgrounds in internal audit, credit risk and investment risk. She has been active in operational risk management since 2000 and was formerly head of operational risk management at ING Group and Lloyds Banking Group.

Advanced Operational Risk Management | Agenda

Agenda timing is in HKT/SGT

13:4514:00

Registration

09:00 - 10:00

14:0015:00

Risk Identification Tools and Emerging Risks

09:00 - 10:00

  • Tools and techniques for risk identification
  • Exposures and vulnerabilities
  • The risk wheel
  • Value drivers and reverse stress testing
  • Risk register: a list
  • Risk connectivity: network of risks
  • World economic forum: risk map
  • Emerging risks
  • Class exercise: Identify the network of your top risks

15:0016:00

Root causes analysis – the bow-tie

09:00 - 10:00

  • Root cause analysis: tools and methods
  • Benefits of root cause analysis: tracking the common failures and systemic patterns
  • Treating causes over symptoms
  • Bow-tie: an effective tool to define preventive, corrective controls and leading KRIs
  • Risk likelihood and expected impact
  • Class exercise: apply the bow-tie to one of your incidents and share the lessons learnt

16:0016:15

Afternoon break

09:00 - 10:00

16:1517:15

Implementing ORM: The invisible framework

09:00 - 10:00

  • Governance of operational risk
  • 1st line and 2nd line: the partnership model
  • Use and reuse: the invisible framework
  • Business value of ORM
  • Workshop: build a business case for risk management

17:1517:15

End of Day 1

09:00 - 10:00

13:4514:00

Registration

09:00 - 10:00

14:0015:00

Information security assessment and essentials of cyber protection

09:00 - 10:00

  • Information security risk management framework
  • Typology of information security risk
  • Information assets inventory
  • Risk assessments
  • Control layering and key controls for information security risks
  • Scenarios and quantification

15:0016:00

Internal Controls: Human Error and Control Design

09:00 - 10:00

  • Slips and mistakes: typology and causes of human errors (J Reason)
  • HRA: human reliability analysis and other methods
  • Understand and treat the causes of human error
  • Effective or illusory controls
  • Prevention by design
  • Group work: Share your experience of the best and worst controls

16:0016:15

Afternoon break

09:00 - 10:00

16:1517:15

Risk reporting, conduct reporting and benchmarking your practices

09:00 - 10:00

  • Modern issues on events and risk reporting: the regulator’s view
  • Analysing operational risk data: get insight, tell a story
  • Management information: the reporting cake
  • Aggregate and escalate risk information: your options
  • Conduct reporting: themes and details
  • Highlights of best practice, group discussion and sharing of experiences
  • Interactive maturity criteria for your ORM framework and use test, plus a priority list for starter firms

17:1517:15

End of Day 2

09:00 - 10:00

13:4514:00

Registration

09:00 - 10:00

14:0015:00

Resilience, reputation and operational risk management for projects

09:00 - 10:00

  • Regulatory highlights on operational resilience and the connections with an effective reputational risk management framework
  • ORM policy for project management
  • Project rating criteria
  • Causes of project failure
  • Essentials of project risk management
  • Collaborations and benefits

15:0015:15

Afternoon break

09:00 - 10:00

15:1516:15

Implementing the Desired Risk culture: a method

09:00 - 10:00

  • Defining risk culture
  • Acting on behaviours: the influencer
  • Necessary conditions: willingness and ability
  • Risk culture: DESIRE steps – define, inspire, support, enable, reinforce, evaluate
  • Assessing the risk culture
  • Group work: plan your own culture change
  • Wrap up: what have you learnt and how will you apply it

16:1516:30

Course Wrap-up

09:00 - 10:00

  • Q&A session for a practical anticipation

16:3016:30

End of course

09:00 - 10:00