Loading EVENTS
  • This event has passed.

Best Practice in Operational Risk Management

Bahrain 28 – 29 OCTOBER 2019
 GULF HOTEL MANAMA / Kingdom of Bahrain

BACKGROUND

From risk environement to risk culture, the course covers in breadth and depth the most topical elements of operational risk management and its challenges for the financial services industry.

Taught by a world leading expert in the field and highly regarder guest speakers, the course is a must-have for all the operational risk practitioners wishing to benchmark their practice and discuss best practices. It is also a fantastic opportunity for newcomers to gain a comprehensive overview what modern operational risk managers need to know.

Delegates will leave the course equipped with a new network of practitioners, a wealth of content, additional references and readings, and an open line for further questions with the trainer, Ariane Chapelle.

Key Objectives and Learning Outcomes

 After the course, participants will know about:

  • Best practices in Risk Management Framework
  • Maturity and Quality criteria in ORM
  • Governance and 3 lines of defense
  • Tools for risk identification
  • Risk Assessment methods
  • Quantifying rare events and cyber risk
  • Key control in cyber risk and information security
  • Selecting and designing preventive KRIs
  • How to differentiate and address human errors
  • How to use root cause analysis most effectively
  • Best practice in Outsourcing risk management and project risk management
  • Golden rules in risk reporting and risk communication

Who Should Attend

  • Director and heads of Operational Risk
  • Entreprise Risk Managers
  • Operational Risk Managers
  • Internal Auditors
  • Compliance officers
  • RegulatorsTiming of the training sessions & outline

 

DAY ONE:

Framework, Risk Assessment & Cyber risk management

Session 1: Risk Management Framework and Governance

  • Operational Risk trends and emerging risks
  • Governance of Operational Risk: roles and responsibilities, 3 lines of defense 1st line and  2d line: The Partnership Model
  • ORM Maturity & Best Practice Criteria

Workshop and discussion: benchmark your ORM practices to your peers and wider market.

Session 2: Risk Identification & Assessment

  • Tools and techniques for risk identification
  • Risk register: a list vs. Risk connectivity: network of risks
  • Definition and rules for Risk and Control Self Assessment
  • Impact and likelihood scales
  • Links with risk appetite

Class Exercise: Apply risk assesement to some of your risks

Session 3: Risk Appetite Definition, Statement and Communication

  • Industry guidance on Risk Appetite
  • Definition and Governance: Communicating Risk Appetite
  • Risk Appetite Statements: Features, Templates and Examples
  • Cascading and Monitoring Risk Appetite: RCSA and indicators

Class Exercise: express risk appetite, tolerance and limits for two of your top risks

Session 4: Cyber risk and scenario quantification: case study

  • Case study on information security
  • Taxonomy of information security risks
  • Key controls on information and cyber security: behavioural and technical controls
  • Assessing rare events – case studies: scenarios assessment of IT disruption, cyber attacks and other data leaks

Class Exercise: Scenario idenfication in Cyber security

DAY TWO

Session 1: Outsourcing and Project risk management

  • Risk Identification in Outsourcing and Change Management
  • Risk ratings of third parties
  • Risk ratings of projects
  • Key steps and controls in outsourcing risk, and the role of the risk function
  • Key steps and controls in project and execution risks and the role of the risk function
  • Post-evalution

Class debate and sharing of best practice

Session 2: Root causes analysis and Control Design

  • Slips and mistakes: Typology and causes of human errors
  • Effective vs. Illusory controls
  • Root cause analysis: identifying patterns of failures
  • Bow-tie: a most effective tool to define KRIs and controls
  • Mitigation: options and roles of external insurance

Exercise: apply the bow-tie to one of your incident; share the lesssons learned

Session 3: Designing and Selecting Preventive Key Risk Indicators

  • KRI, KPI, KCIs: concepts,overlaps and examples
  • Essential features of preventive KRIs
  • Classifying KRIs: Environmental, Stress, Causal and Failure
  • KRI Design: Frequency – Trigger levels – Escalation criteria – Ownership – Data accuracy
  • Six steps to define and design preventive KRIs

Class Exercise: Select and design some relevant KRIs for your key risks

Session 4: Risk Reporting and Risk Communication

  • The role of incident data collection
  • Data features: core losses and tail risks
  • Three golden rules of reporting
  • Management information: the “reporting cake”
October 28 2019

Venue

Gulf Hotel – Manama Kingdom of Bahrain

Gulf Hotel - Manama - Bahrain
Manama, Bahrain

Schedule

  • Training day: 8:30 am - 17.00 pm
  • Session 1: 9:30 am - 10.30 am
  • Coffee break
  • Session 2: 10:45 am - 12.45 pm
  • Lunch break
  • Session 3: 13.30 pm - 14:45 pm
  • Coffee break
  • Session 4: 15.00 pm - 17.00 pm
  •  
Best Practice in Operational Risk Management
28 - 29 Oct 2019

Bahrain 28 – 29 OCTOBER 2019
 GULF HOTEL MANAMA / Kingdom of Bahrain

BACKGROUND

From risk environement to risk culture, the course covers in breadth and depth the most topical elements of operational risk management and its challenges for the financial services industry.

Taught by a world leading expert in the field and highly regarder guest speakers, the course is a must-have for all the operational risk practitioners wishing to benchmark their practice and discuss best practices. It is also a fantastic opportunity for newcomers to gain a comprehensive overview what modern operational risk managers need to know.

Delegates will leave the course equipped with a new network of practitioners, a wealth of content, additional references and readings, and an open line for further questions with the trainer, Ariane Chapelle.

Key Objectives and Learning Outcomes

 After the course, participants will know about:

  • Best practices in Risk Management Framework
  • Maturity and Quality criteria in ORM
  • Governance and 3 lines of defense
  • Tools for risk identification
  • Risk Assessment methods
  • Quantifying rare events and cyber risk
  • Key control in cyber risk and information security
  • Selecting and designing preventive KRIs
  • How to differentiate and address human errors
  • How to use root cause analysis most effectively
  • Best practice in Outsourcing risk management and project risk management
  • Golden rules in risk reporting and risk communication

Who Should Attend

  • Director and heads of Operational Risk
  • Entreprise Risk Managers
  • Operational Risk Managers
  • Internal Auditors
  • Compliance officers
  • RegulatorsTiming of the training sessions & outline

 

DAY ONE:

Framework, Risk Assessment & Cyber risk management

Session 1: Risk Management Framework and Governance

  • Operational Risk trends and emerging risks
  • Governance of Operational Risk: roles and responsibilities, 3 lines of defense 1st line and  2d line: The Partnership Model
  • ORM Maturity & Best Practice Criteria

Workshop and discussion: benchmark your ORM practices to your peers and wider market.

Session 2: Risk Identification & Assessment

  • Tools and techniques for risk identification
  • Risk register: a list vs. Risk connectivity: network of risks
  • Definition and rules for Risk and Control Self Assessment
  • Impact and likelihood scales
  • Links with risk appetite

Class Exercise: Apply risk assesement to some of your risks

Session 3: Risk Appetite Definition, Statement and Communication

  • Industry guidance on Risk Appetite
  • Definition and Governance: Communicating Risk Appetite
  • Risk Appetite Statements: Features, Templates and Examples
  • Cascading and Monitoring Risk Appetite: RCSA and indicators

Class Exercise: express risk appetite, tolerance and limits for two of your top risks

Session 4: Cyber risk and scenario quantification: case study

  • Case study on information security
  • Taxonomy of information security risks
  • Key controls on information and cyber security: behavioural and technical controls
  • Assessing rare events – case studies: scenarios assessment of IT disruption, cyber attacks and other data leaks

Class Exercise: Scenario idenfication in Cyber security

DAY TWO

Session 1: Outsourcing and Project risk management

  • Risk Identification in Outsourcing and Change Management
  • Risk ratings of third parties
  • Risk ratings of projects
  • Key steps and controls in outsourcing risk, and the role of the risk function
  • Key steps and controls in project and execution risks and the role of the risk function
  • Post-evalution

Class debate and sharing of best practice

Session 2: Root causes analysis and Control Design

  • Slips and mistakes: Typology and causes of human errors
  • Effective vs. Illusory controls
  • Root cause analysis: identifying patterns of failures
  • Bow-tie: a most effective tool to define KRIs and controls
  • Mitigation: options and roles of external insurance

Exercise: apply the bow-tie to one of your incident; share the lesssons learned

Session 3: Designing and Selecting Preventive Key Risk Indicators

  • KRI, KPI, KCIs: concepts,overlaps and examples
  • Essential features of preventive KRIs
  • Classifying KRIs: Environmental, Stress, Causal and Failure
  • KRI Design: Frequency – Trigger levels – Escalation criteria – Ownership – Data accuracy
  • Six steps to define and design preventive KRIs

Class Exercise: Select and design some relevant KRIs for your key risks

Session 4: Risk Reporting and Risk Communication

  • The role of incident data collection
  • Data features: core losses and tail risks
  • Three golden rules of reporting
  • Management information: the “reporting cake”
Download
Register