Operational risk management revolves around four key elements: controls, monitoring, policies and procedures, and environment. Controls can be preliminary, concurrent, or postaction. Monitoring of controls is important to ensure they remain effective over time. Policies and procedures influence decisions and activities and ensure organizational views are translated into outcomes. Environmental factors like organizational culture also impact operational risk.

1. Drivers of
Operational
Risk
Management

2. ORM Revolves around 4 elements
 Control / Internal system
 Monitoring / Management supervision
 Policies and procedures / Objectives and
Standards
 Environment

3. 1. Control / Internal system
• Good internal control is good business — it helps organizations
ensure that operating, financial and compliance objectives are met.
• Many organizations are required to report on the quality of internal
control over financial reporting, compelling them to develop specific
support for their certifications
• Internal control is designed to assist organizations in achieving their
objectives.

4. Preliminary
• Sometimes called the feedforward controls, they are accomplished before a work activity
begins.
• They make sure that proper directions are set and that the right resources are available to
accomplish them.
Concurrent
• Focus on what happens during the work process. Sometimes called steering controls, they
monitor ongoing operations and activities to make sure that things are being done correctly.
Postaction
• Sometimes called feedback controls, they take place after an action is completed. They focus
on end results, as opposed to inputs and activities.
Types of Control

5. 2. Management supervision / Monitoring
• Monitoring Applied to the Internal Control Process

6. • Unmonitored controls tend to deteriorate over time.
• Monitoring, as defined in the COSO Framework, is implemented to help
ensure “that internal control continues to operate effectively.”
• When monitoring is designed and implemented appropriately,
organizations benefit because they are more likely to:
• Identify and correct internal control problems on a timely basis,
• Produce more accurate and reliable information for use in decision-making,
• Prepare accurate and timely financial statements, and
• Be in a position to provide periodic certifications

7. Policies & Procedures
Policies and procedures are designed
to influence and determine all major decisions and actions, and
all activities take place within the boundaries set by them.
Procedures are the specific methods employed to express policies
in action in day-to-day operations of the organization.
 Together, policies and procedures ensure that
a point of view held by the governing body of an organization is
translated into steps that result in an outcome compatible with that
view.

8. Environment
 Organizational Culture
 It includes an organization's expectations, experiences, philosophy, and
values that hold it together
 Also called corporate culture, it's shown in
 the ways the organization conducts its business, treats
its employees, customers, and the wider community,
 the extent to which freedom is allowed in decision
making, developing new ideas
 how power and information flow through its hierarchy, and
 how committed employees are towards collective objectives.