Best Practice in Operational Risk Management with Dr. Ariane Chapelle

Agenda Program
divider graphic
Prague, NH Hotel Prague
divider graphic

Key Objectives and Learning Outcomes

Identification of emerging risks
Risk networks rather than risk registers
Implementing ORM: the invisible framework
Selecting and designing preventive KRIs
How to differentiate and address human errors
How to use root cause analysis most effectively
Influencing behaviours for better control
Risk Reporting and Conduct reporting
Building a framework for risk culture change
From risk environment to risk culture.

The course covers in breadth and depth the most topical elements of operational risk management and its challenges for the financial services industry.

Taught by a world leading expert in the field and highly regarded guest speakers, the course is a must-have for all the operational risk practitioners wishing to benchmark their practice and discuss best practices. It is also a fantastic opportunity for newcomers to gain a comprehensive overview what modern operational risk managers need to know.

Delegates will leave the course equipped with a new network of practitioners, a wealth of content, additional references and readings, and an open line for further questions with the trainer, Ariane Chapelle.

Who Should Attend
  • Heads of Operational Risk
  • Enterprise Risk Managers
  • Operational Risk Managers
  • Operations Managers
  • Internal Auditors
  • Compliance officers
  • Consultants
  • Regulators

Program of the seminar: Best Practice in Operational Risk Management with Dr. Ariane Chapelle

The seminar timetable follows Central European Time (CET).

Day One

Operational Risk Framework, Risk Assessment and KRIs

09.00 - 12.15

Session 1: Operational Risk Framework and Governance

  • Operational Risk trends and emerging risks
  • Governance of Operational Risk: roles and responsibilities
  • 1st line and 2d line: The Partnership Model
  • Business value of Operational Risk Management
  • Workshop and discussion: the business case for operational risk management

Session 2: Risk Identification & RCSA

  • Tools and techniques for risk identification
  • Risk register: a list
  • Risk connectivity: network of risks
  • Definition and rules for RCSAs
  • Tool: Impact / probability matrix: format and meaning
  • Usage and choice when defining RCSAs
  • Class Exercise: Apply an RCSA to your top risks

12.15 - 13.15 Lunch

13.15 - 17.00

Session 3: Root causes analysis and Control Design

  • Slips and mistakes: Typology and causes of human errors
  • Effective vs. Illusory controls
  • Root cause analysis: identifying patterns of failures
  • Bow-tie: a most effective tool to define
    • Preventive and corrective controls
    • Leading KRIs
    • Risk likelihood and expected impact
  • Prevention by Design
  • Exercise: apply the bow-tie to one of your incident; share the lessons learned

Session 4: Designing and Selecting Preventive Key Risk Indicators

  • KRI, KPI, KCIs: concepts, overlaps and examples
  • Essential features of preventive KRIs
  • Classifying KRIs: Environmental, Stress, Causal and Failure
  • KRI Design: Frequency - Trigger levels - Escalation criteria - Ownership - Data accuracy
  • Six steps to define and design preventive KRIs
  • Class Interaction: review your KRI list

Day Two

Risk Appetite, Scenarios and Risk Culture

09.00 - 12.15

Session 5: Risk Appetite Definition, Statement and Communication

  • Industry guidance on Risk Appetite
  • Definition and Governance: Communicating Risk Appetite
  • Risk Appetite Statements: Features, Templates and Examples
  • Cascading and Monitoring Risk Appetite: RCSA and indicators
  • Class Exercise: express risk appetite, tolerance and limits for two of your top risks

Session 6: Scenario Analysis: Application to Cyber risk

  • Brainstorming and workshop techniques to identify scenario
  • Scenario assessment: structure and method to mitigate behavioural biases
  • Assessing rare events
  • Examples: scenarios assessment IT disruption, cyber-attacks and information security incidents
  • Class Exercise: Applied scenario structuring

12.15 - 13.15 Lunch

13.15 - 17.00

Session 7: Reporting and Escalation

  • The role of incident data collection
  • Data features: core losses and tail risks
  • Three golden rules of reporting
  • Management information: the "reporting cake"
  • Class interaction: best practice and sharing of experience

Session 8: Risk Culture and Conduct

  • Defining Risk Culture
  • Key objectives, key behaviours
  • Case study: conduct metrics & culture change programme
  • Influencing behaviours: a framework

Evaluation and Termination of the Seminar

Training catalogue in PDF
arrow-up icon