IORM Integrated Operational Risk Management
The abbreviation IORM is not a new product of one of the largest computer manufacturers. The “I” stands for “integrated” in the sense of an approach that brings together the different parts of operational risk management into a meaningful whole for the benefit of all concerned.
This integrative, holistic approach was the central theme of the forum on Operational Risk 10th May in Cologne.
It was about working with the mainstays of Operational Risk Management namely Legal, Compliance and Insurance Management.
The weaknesses of the approach of “Every Man for Himself” were pointed out as well as many redundancies in tasks and procedures and instruments used in reporting. Board members often have to deal with reports from various fields whose contents overlap each other, but ultimately do not match.
For IORM communication and cooperation are crucial and a challenge for the leadership culture. Ways and examples were shown how the IORM in the organisation can be developed -‐ bilateral service level agreements and regular exchanges of lessons learned and planned projects and many more.
We have to focus on the causes, including the familiar “knowledge is power -‐ why should I share this power?”. To develop incentives for behavioural change is the challenge.
The second focus of the forum was the approach of IORM related to the operational risk-‐related types of risk. Especially the use of the reputational risk in practice was highlighted and, what a surprise, it shows a very heterogeneous picture with good examples, but also various improvement approaches.
Any consideration of the “financial industry” is important to note that supervision is not only on the amount of time, but also actively contributes to the further development process.
The forum was an open, lively exchange between the speakers, panellists and participants. It is hoped that an idea or two finds its realisation in practice.