Module breakdown

Module 1: Understanding Operational Risk

• 1.1 Introduction
• 1.2 What is Operational Risk?
• 1.3 The Scope and Definiton of Operational Risk
• 1.4 How do banks manage operational risk?
• 1.5 The Development of Operational Risk Management in Banking
• 1.6 Defining and using risk frequency and Impact
• 1.7 Defining and using Inherent and residual operational risk
• 1.8 Understanding the importance of Near Misses
• 1.9 Understanding Operational Risk Appetite
• 1.10 Introducing Sound Operational Risk Practices
• 1.11 COSO and Operational Risk

Module 2: Managing Operational Risk

• 2.1 Introduction
• 2.2 Operational Risk Management Activities
• 2.3 Developing Risk Champions
• 2.4 The Operational Risk Management Framework
• 2.5 Operational Risk Corporate Governance
• 2.6 Relationship of operational risk to internal control and internal audit
• 2.7 Implementing Operational Risk Frameworks – tools and approaches
• 2.8 Key Risk Indicators and Thresholds
• 2.9 Incident Management
• 2.10 Root cause analysis
• 2.11 Event reporting and Monitoring
• 2.12 Operational Risk Reporting processes
• 2.13 Closing Summary

Module 3: Identifying and Assessing Operational Risk

• 3.1 Introduction
• 3.2 Identification of Operational Risks
• 3.3 Running risk workshops
• 3.4 Identification of controls
• 3.5 Risk acceptance policies
• 3.6 Assessing inherent and residual risks
• 3.7 Operational Resilience
• 3.8 Cybersecurity and operational risk
• 3.9 Risk and control self assessment
• 3.10 Risk control self assessment workshops
• 3.11 Conclusion and Summary

Module 4: Measuring Operational Risk

• 4.1 Regulatory update
• 4.2 Basic indicator approach
• 4.3 Standardized approach
• 4.4 Using the advanced measurement approach
• 4.5 Basic criteria for using the measurement approaches
• 4.6 Process modeling and measurement
• 4.7 Risk indicators and risk appetite
• 4.8 Key risk indicators

Module 5: Internal loss Data and Scenario Modelling/Stress Testing

• 5.1 Introduction
• 5.2 What are the key uses of internal loss data?
• 5.3 Internal Loss Event Types
• 5.4 Obtaining internal loss data
• 5.5 Gross loss v Net loss
• 5.6 Loss data relevance and scaling – what needs to be done?
• 5.7 Use of external loss data
• 5.8 Two types of external loss data - public and pooled
• 5.9 Making external loss data relevant to your organisation and deriving value from historic events
• 5.10 What is scenario modelling and how does it vary from stress testing?
• 5.11 Uses of stress testing and scenario analysis
• 5.12 Developing credible scenarios and applying them in practice
• 5.13 What is a suitable operational risk stress test?
• 5.14 Summary

Module 6: Mitigating Operational Risk

• 6.1 Introduction
• 6.2 What is operational risk mitigation?
• 6.3 The Objectives of Operational Risk Mitigation
• 6.4 Mitigation techniques – People
• 6.5 Mitigation techniques – Technology
• 6.6 Mitigation techniques – Processes
• 6.7 Identification and improvement of key controls
• 6.8 Challenges of implementing effective and efficient controls
• 6.9 Business Resilience
• 6.10 The graduated Business Continuity plan
• 6.11 Cascading risk and secondary effects
• 6.12 Testing the Business Continuity Plan
• 6.13 Summary