Event Summary

Operational Risk Management

ISACA NY is hosting “Operational Risk Management” What Problem Does This Training Help Solve? Provides training on operational risk assessment, management, risk mitigation, risk acceptance, risk management methodologies, modeling, stress testing, KRIs, KCIs, BASEL II, BASEL III, and many other aspects of operational risk management Who Should Attend? Professionals interested in learning about operational risk control objectives, controls, methodologies, and risk management from HR, IT, process management, business units, senior management, CRO’s office, ORM office, internal audit, big 4, and ORM consultants This course evaluates operational risk exposures relating to the organization's governance, operations and information systems, in relation to: (a) Operational risk Governance (b) risk and control assessment (c) events and losses (d) indicators. Based on the results of the risk assessment, the student will be able to evaluate the adequacy and effectiveness of how risks are identified and managed and to assess other aspects such reporting, risk modeling, stress test, scenarios, business continuity, disaster recovery, insurance, internal audit, outsourcing risk, people risk, reputational risk, and strategic risk, communication of risk and control information within the organization in order to facilitate a good governance process. Special emphasis will be paid to BASEL II capital requirements for Operational Risk. The objective of the course is to develop professionals with an in‐depth understanding of the “Operational Risk Management” so that they will be able to provide necessary management skills regarding to provide assurance that: • ORM Internal controls are in place and are adequate to mitigate the risks, • Governance processes are effective and efficient, and • Organizational goals and objectives are met. COURSE OUTLINE: • What is operational risk‐ old definition and new definition of BIS/BASEL II • BASEL II ‐ Risk from people, failed processes, failed systems, and external events • Outside BASEL II‐ strategic risk, reputational risk, 95 types of risks • Operations risk vs. operational risk • Business case‐ BASEL II capital requirements for OR • Reserves, capital, and insurance based on L and I factors • ORM Framework‐ Governance, ORM policy, risk appetite, R&R for ORM • Setting up timeline for ORM – from project to a program • Risk and control assessment‐ risk owners, control owners • Events and losses‐ data collection, data reporting, external loss databases, near misses, BASEL II classification • Indicators‐ KRIs, KCIs, thresholds, targets, dashboards, leading and lagging indicators, periodicity • Reporting‐ styles, know the audience, dashboard reporting • ORM modeling‐ distributions, correlations, internal and external data, confidence level, capital Modeling, qualitative modeling • Eight business areas of BASEL II and seven types of ORM risks • Stress tests and scenarios analysis ‐ practical scenarios, near death experience, Gaussian curve, Outside 3‐standard deviations, Mandelbrot’s Chaos, black swan event, fat tail • Business continuity‐ process, applications, infrastructure, service delivery • Insurance • Three lines of ORM defense‐ management, oversight, and audit • Auditing ORM • ORM from outsourcing • People risk • Reputational risk • System failure risk‐ IT DR • BASEL II and BASEL III considerations • OR and ERM 2017 (COSO FW) • ORM, Dodd Frank, and FSOC’s OFR • ORM and systemic risk


Wednesday, June 13, 2018 - Thursday, June 14, 2018
8:30 AM - 5:00 PM


CohnReznick LLP
1301 Avenue of the Americas, 7th floor
Flatiron Conference Room.
New York, New York 10019


Education Committee

View Desktop Site