Risk governance is the architecture within which risk management operates in an organisation. It will reflect, and seek to sustain and evolve, the organisation’s risk culture. Since risk management is fundamental to running any business, risk governance is a fundamental part of corporate governance. The British Standard BS13500 defines governance as: ‘system by which the whole organization is directed, controlled and held accountable to achieve its core purpose over the long term’. The UK Corporate Governance Code states that ‘good governance should facilitate efficient, effective and entrepreneurial management that can deliver the long-term success of the company’. Good risk governance should result in risk being accepted and managed within known and agreed risk appetites.
As shown in the IOR website diagram on Sound Practice Guidance, governance sits at the top providing the basis for direction, control and accountability. However all the subjects covered within the SPGs should be considered when setting up or working within an operational risk management environment.
Risk governance should put in place a structure of risk responsibility throughout the organisation. As a result, everybody in the organisation will be aware of their own risk responsibilities and accountabilities and those of others with whom they work. Governance delivers effective accountability, including the accountability of the governing body to its owners.
Risk governance is an integral part of the day to day running of the business and is not about just complying with a set of rules. Since operational risk management involves everybody in the organisation, the risk governance framework should encompass everybody. That means that it can only operate successfully if there are clear and effective lines of communication both up and down the organisation and a culture in which good and bad news is allowed to travel freely.
This update in 2015 to the Operational Risk Governance Sound Practice Guidance paper originally developed in 2010, builds on the original paper, providing updates to the work, including reference and support to the published British Standard on Governance BS 13500. Governance is a word often used or misused in relation to the overall Leadership of an organization and this SPG looks to help Operational Risk Professionals to deliver effective Risk Governance in their organization.
IOR Admin, , IOR News, 0
The Institute of Operational Risk has partnered with the Center for Financial Professionals to conduct an important international survey...
IOR Admin, , IOR News, 0
Again this year, the IOR is supporting the Risk Management Awards. As a result of our involvement, there are...
Zaq Mughal, , IOR News, 0
IOR members are encouraged to enter the Risk Management Awards 2016 NOMINATION DEADLINE EXTENDED TO 27TH JULY 2016! ...
IOR Admin, , IOR News, Scottish Chapter, 0
Details of the 6th of June 2017 Scottish Chapter Breakfast Event are now available here.
Lee Evans, , IOR News, 0
Members of the IOR may now download the latest edition of the SPG series, Risk Control Self-Assessement. Summary The...
CFP approved slides now available for the New Generation Operational Risk | Regulation, Data, KRIs & Cyber Congress eventZaq Mughal, , IOR News, 0
CFP’s New Generation Operational Risk series started earlier this year in London and following its success the Congress went and...
- What event are you waiting for? December 14, 2018In one of my previous articles, the Hollywood Principle, I introduced the concept of an event-drive
- CBA bows to the inevitable with Apple Pay roll out December 14, 2018Commonwealth Bank of Australia has caved over its often acrimonious hold-out against Apple Pay, conf...
- Sberbank rolls out Pay-QR for mobile contactless payments December 14, 2018Sberbank has launched a project in 42 Russian cities involving Pay-QR, a new smartphone app for inst...
- European CCPs welcome Brexit no-deal ruling December 14, 2018Against the background of a hard Brexit and increasing risks to financial stability, the European As...
- FCA publishes new rule on APP fraud complaints December 14, 2018The Financial Conduct Authority (FCA) has today published new rulesallowing victims of Authorised Pu...