Sound Practice Guidance

These sound practice guidance papers are designed to assist companies implement the various components that make up a robust risk management framework as illustrated below:-

Sound Practice Guidance coverage of the Operational Risk Framework

Environment External and internal
Drivers Business strategy and objectives
Infrastructure
(Spans the Toolkit)
 

Governance

  
 

Appetite / Tolerance

Categorisation

Culture

  
Toolkit

Loss Events Internal

Loss Events External

Risk & Control Assessment

Key Risk Indicators

Scenarios

Key

Published
Being Developed
Proposed

Notes

  • With appropriate modification there is potential for wider application beyond Financial Services e.g. Events and near misses rather than losses or tolerance rather than appetite may be more relevant for other sectors;
  • Current coverage is subject to ongoing development. It is anticipated that other areas will be explored and added over time.



It is the Institute’s intention that these Guidance papers evolve over time as we receive feedback and suggestions from individuals/companies who have used them. If any reader of any Sound Practice Guidance has any experience or opinions that they believe may enhance the guidance offered, they should email standards@ior-institute.org
External Loss Events

Sound Practice Guidance

November 2011

IOR calls for firms to establish outward looking processes when it comes to external loss events

Current market complexities within the operating environment calls for an imperative need for businesses to establish outward looking processes, confirms the The Institute of Operational Risk (IOR).  The sixth in its series of Sound Practice Guidance papers on the topic of External Loss Events published today, examines how external loss events are a collection of cautionary tales.

The paper describes all the elements required for effective external loss events and their use in the operational risk management framework.   The paper looks in detail at the elements of external loss events, uses of external events and its use in operational risk capital modelling.

When an organisation looks only within its own four walls, or restricts its view to the closest identified peer organisations, it manages risk without using peripheral vision. As a result, it may fail to identify and address potentially catastrophic risks.

Read more
Add comment (0)
Hits: 1034
 
Risk Categorisation

Sound Practice Guidance

September 2011

A workable risk taxonomy - often referred to as risk categorisation - is one of the key challenges facing firms in their development of an operational risk framework. It can be regarded as the foundation upon which an operational risk framework is constructed.

The approach to risk categorisation is fundamental to the effective management of operational risk. It is applied across all operational risk framework components and risk management activities, crucially providing a common frame of reference for reporting which is the basis for subsequent attention and action and upon which meaningful quantification will depend.

It is important to recognise that risk categorisation will always need to be tailored to suit each individual organisation because, to be of benefit, it must be relevant to the business concerned and align to delivery infrastructure such as supporting IT systems.

De facto benchmarks, such as the Basel II Loss Event Type Classification adopted in the financial services sector, provide a useful starting point but are rarely implemented without modification as to do so would involve challenges in selecting the most appropriate category for a given event. Therefore the "mapping" of bespoke categories to the standard categories is a widely adopted practice - for example in order to participate in the sharing of information through loss data consortia.

The IOR Sound Practice Guidance paper highlights the benefits of a well-designed and properly implemented categorisation framework; explores different approaches to categorisation, the implementation of the framework and a number of challenges involved, together with solutions drawn from the practical experience of a variety of organisations.

The full paper is available ONLY to IOR Members in the Presentations and Papers section.

Members may view the full guide click here: iconRisk Categorisation

Add comment (0)
Hits: 2934
 
Key Risk Indicators

Sound Practice Guidance

November 2010

Risk indicators are an important tool within operational risk management, facilitating the monitoring and control of risk. In so doing they may be used to support a range of operational risk management activities and processes, including: risk identification; risk and control assessments; and the implementation of effective risk appetite, risk management and governance frameworks (see IOR Guidance on Risk Appetite and Risk Governance).

Despite their usefulness relatively little guidance exists on how to use risk indicators in an effective manner. Moreover it is an area that has proven to be particularly challenging for many organisations. Hence there is a need for further guidance in this area.

What follows is the IOR’s perspective on current sound practices in relation to the use of risk indicators to support the management of operational risk. In so doing, this guidance covers the role and purpose of risk indicators, the elements of an effective risk indicator framework and some important practical considerations relating to the use of such frameworks within an operational risk management context.

Read more
Add comment (0)
Hits: 112111
 
More Articles...
<< Start < Prev 1 2 Next > End >>

Page 1 of 2