The IOR is delighted to announce the release of the first three in a series of updated Sound Practice Guidance documents for risk managers. The first three documents focus on Risk Culture, Risk Appetite and Embedding an Operational Risk Management Framework and are available for download (behind the members’ section of the website). The remaining titles will be published in the coming weeks.
We are grateful to Sword GRC for kindly sponsoring the series and to Simon Ashby, FIOR, Professor of Financial Services, Vlerick Business School for his valuable work writing these SPGs.
Prof. Ashby explains more here:
This guidance explains how risk culture may be identified, assessed, and controlled to help reduce the frequency and severity of operational risk events. It must be emphasized that there is no one optimal risk culture, nor are the universal characteristics of a ‘strong’ or ‘weak’ risk culture.
The need for effective operational risk management is more acute than ever. Events such as the global financial crisis or the COVID-19 pandemic highlight the far-reaching impacts of operational risk and the consequences of management failure. In the light of these and numerous event organisations must ensure that their policies, procedures, and processes for the management of operational risk meet the needs of their stakeholders.
Prof. Ashby comments:
“In the new world of living with COVID-19 operational risk is once again in the spotlight. I hope that organisations and their risk professionals will seize the opportunity to review and improve their operational risk management practices. These guides provide a great place to start.
As the modern world becomes increasingly complex people and organisations must learn how to live with operational risk. Once again the COVID-19 pandemic has put operational risk in the spotlight and highlighted the consequences of poor practice. There has never been a more important time to review and improve the management of operational risk”.
This guidance is designed to complement existing standards and codes for risk management (e.g. ISO31000). The aim is to provide guidance that is both focused on the management of operational risk and practical in its application. In so doing, this is a guide for operational risk management professionals, to help them improve the practice of operational risk in organisations.
Readers looking for a general understanding of the fundamentals of operational risk management should start with the IOR’s Certificate in Operational Risk Management.
Not all the guidance in these documents will be relevant for every organisation or sector. However, it has been written with the widest possible range of organisations and sectors in mind. Readers should decide for themselves what is relevant for their current situation. What matters is gradual, but continuous improvement.
Although there is no one-size-fits-all approach to the management of operational risk, it is important that organisations benchmark and improve their practice on a regular basis. This is one of a series of papers, which provides practical guidance on a range of important topics that span
the discipline of operational risk management.
Keith Ricketts, VP of Marketing, Sword GRC adds:
“We at Sword GRC are very excited about this new partnership with the Institute of Operational Risk and the opportunity to sponsor the series of Sound Practice Guides that inform readers concisely about complex risk management issues. Authoritative content that educates can only be valuable to practitioners and executives alike.”