agenda

agenda

Key Risk Indicators and Risk Appetite | Agenda

Agenda timing is in HKT/SGT

14:4515:00

Registration

09:00 - 10:00

15:0016:00

Operational risk management trends and top risks: what’s on the horizon?

10:00 - 11:00

  • Operational risk frameworks in the financial services 
  • Framework complete and maturity: the ORM pyramid
  • Exposure and vulnerabilities
  • Rising operational risks and market trends
  • Top risks survey
  • Class discussion and experience sharing: rising risks in organisations

16:0017:00

Actionable risk appetite

10:00 - 11:00

  • Industry guidance on risk appetite
  • Risk appetite, tolerance and limits
  • Structure of actionable risk appetite
  • Cascading risk appetite: RCSA & indicators
  • Top down and bottom up approaches to risk appetite
  • Class discussion and exercise: define a risk appetite statement for one or two of your top risks

17:0017:15

Break

10:00 - 11:00

17:1518:15

Preventive KRIs: a method

10:00 - 11:00

  • Selecting and designing KRIs step by step
  • Metrics of risk drivers
  • A typology of KRIs: exposure, stress, casual and failure
  • KRI design and reporting
  • Group work: attendees will have the opportunity to apply this method and share their findings with others in a guided exercise

18:1518:15

End of Day 1

10:00 - 11:00

15:0016:00

Root cause analysis for KRI identification

10:00 - 11:00

  • Root cause analysis and lessons learnt from large incidents
  • Cause of the cause: the benefits
  • Bow tie tool: tracking common failures and systemic patterns
  • Root cause and risk prevention
  • Group work: apply a bow-tie analysis to one of your incidents and share the lessons learnt

16:0017:00

Process mapping and control design

10:00 - 11:00

  • Process mapping: highlights risk and controls at every step
  • KCIs: assessing controls, their existence, their effectiveness
  • Typology of controls
  • Typology of human error: the work of James Reason
  • Active and latent errors
  • Prevention by design
  • Group work: attendees will work on process mapping of relevant activities and share results with the class

17:0017:15

Break

10:00 - 11:00

17:1518:15

KRIs for information security risks

09:00 - 10:00

  • Information security risk assessment method: case study
  • Key controls in information and cyber security
  • KRIs for information security: exposure, failures and stress indicators
  • Reporting and governance on KRIs
  • Reassess your current indicators and select appropriately

18:1518:15

End of Day 2

10:00 - 11:00

15:0016:00

KRIs for project risk management and validation

10:00 - 11:00

  • Identifying and monitoring risk
  • Applications of ML in different risk areas
  • Reducing credit risk
  • Enforcing regulatory compliance: risk profiling and fairness
  • Mitigating MLs own risk to the business model

16:0016:15

Break

10:00 - 11:00

16:1517:15

Indicators for conduct and risk culture

10:00 - 11:00

  • Conduct and culture: metrics and behaviours
  • Case study of a conduct and culture change programme (2018)
  • Reporting on culture  
  • Other influences than KPIs

17:1517:30

Course Wrap-up

10:00 - 11:00

  • What have you learnt and how will you apply it
  • Q&A

17:3017:30

End of course

10:00 - 11:00