Presentation is loading. Please wait.

Presentation is loading. Please wait.

Challenges of Linking Operational Risk Data

Published byHelena Cole Modified over 6 years ago

Similar presentations

Presentation on theme: "Challenges of Linking Operational Risk Data"— Presentation transcript:

1 Challenges of Linking Operational Risk Data
Sophie Dupré, Head of Organisational Risk - Barings The opinions expressed are personal opinions and may change as subsequent conditions vary. The information and opinions contained in this material are derived from proprietary and non-proprietary sources deemed by Barings to be reliable, are not necessarily all inclusive and are not guaranteed as to accuracy.  Reliance upon information in this material is at the sole discretion of the reader. CONFIDENTIAL BISLDCLS\CORPORATE\COMPLIANCE-RISK\NONE

2 Making Sense of Operational Risk Data The challenges
How can Operational Risk help the Business manage operational risk? How can they add value? One answer is: by supporting the ongoing identification and measurement of risk through the effective use of operational risk data. As Operational Risk practices mature, organisations acquire greater volumes and more complex data. BISLDCLS\CORPORATE\COMPLIANCE-RISK\NONE

3 Making Sense of Operational Risk Data Data gathering
Actions Internal losses/events Issues External events Audit reports Key Risk Indicators • The report should be made in ARC Logics within 5 business days of the incident resolution date. Risk and control self assessment Risk Reviews Key Risk register BISLDCLS\CORPORATE\COMPLIANCE-RISK\NONE

4 Making Sense of Operational Risk Data Linkage
Quantity is not quality: rubbish in, rubbish out How to make sense of all this data? Data needs to be organised: Linkage Incident reports, internal or external, and risk indicators should be mapped to risks, which in turns link to processes. Business RCSAs should be undertaken on those same risks with reference to this risk data. With these links in place, it is easier to identify when risks are changing. Incidents are no longer a series of errors but points to inefficient processes and prompt the re-assessment of risks. Risk indicators breaches no longer need to be assessed in isolation. BISLDCLS\CORPORATE\COMPLIANCE-RISK\NONE

5 Making Sense of Operational Risk Data Data linkage
Assessment of risks Risk and control library External events • The report should be made in ARC Logics within 5 business days of the incident resolution date. Issues and actions Risk Indicators Internal loss/events BISLDCLS\CORPORATE\COMPLIANCE-RISK\NONE

6 External Data Where do we get it from? How do we know it’s reliable?
What do we use it for? How do we make it relevant to our business? How do we make sense of it? Sometimes v big numbers……

7 Making Sense of Operational Risk Data Aggregation
Once data is organised by linking to the Risk and Control Library, it helps identifying the areas of concerns and change. But this is not the full answer. Linkage is not fully efficient without classification and aggregation. Categorisation and aggregation Risks should be aggregated across business areas and into risk categories such as top/key risks. There are many ways, from the simplest to the more complex, to aggregate risks. Average or median sub-risk Weighted average of sub-risks Highest risk materiality (combination of impact and probability) across sub-risks Addition of risk materialities BISLDCLS\CORPORATE\COMPLIANCE-RISK\NONE

8 Making Sense of Operational Risk Data Data linkage and aggregation
Risk Profile Classification and aggregation Assessment of risks Risk and control library • The report should be made in ARC Logics within 5 business days of the incident resolution date. External events Issues and actions Risk Indicators Internal loss/events BISLDCLS\CORPORATE\COMPLIANCE-RISK\NONE

9 Making Sense of Operational Risk Data The path to ‘’enlightenment’’
Data collection Quality checking Organise & Manage Information Insight/ Knowledge Requirements Needs to be timely; Needs to be accurate; Needs to be appropriately recorded. Support and control Usage test – can it be used? Provide guidelines and examples (what good data looks like) Provide regular training Audit the quality of data periodically or regularly (e.g. loss/event report sign-off) Risk and control taxonomy Analysis and recommendations Forward looking Improved decision making Provide assurance that risks are being identified and managed efficiently Direct resources to areas of highest risk / Prioritise efforts Reporting Accuracy Timeliness Relevant content Configurability Trend Analysis Relevant to the business Rigorously enforced Used to categorise all risk data Incidents must be reported by the area where it was discovered as soon as it is identified and no later than the close of business day after discovery. • The report should be made in ARC Logics within 5 business days of the incident resolution date. Risk System Aggregation and skills To unlock the full potential of operational risk data, the key is: Classification and aggregation; and Business knowledge and risk experience. Forms and templates ensure consistent reporting Data input validation improves data completeness and accuracy Approval workflow enables audit and oversight Libraries and taxonomies ensure consistent classification Reminders and calendars improves timeliness BISLDCLS\CORPORATE\COMPLIANCE-RISK\NONE

Download ppt "Challenges of Linking Operational Risk Data"

Similar presentations

Data Quality Considerations

Data Quality Considerations
Draft Operational procedures for registry systems 09 November 2004 Bonn, Germany Technical Breakout Group.

Draft Operational procedures for registry systems 09 November 2004 Bonn, Germany Technical Breakout Group.
Quality evaluation and improvement for Internal Audit

Quality evaluation and improvement for Internal Audit
1 Assuring the Quality of your COSF Data. 2 What factors work to improve the quality of your data? What factors work to lessen the quality of your data?

1 Assuring the Quality of your COSF Data. 2 What factors work to improve the quality of your data? What factors work to lessen the quality of your data?
Purpose of the Standards

Purpose of the Standards
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 27 Slide 1 Quality Management 1.

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 27 Slide 1 Quality Management 1.
S/W Project Management

S/W Project Management
PDHPE K-6 Using the syllabus for consistency of assessment © 2006 Curriculum K-12 Directorate, NSW Department of Education and Training.

PDHPE K-6 Using the syllabus for consistency of assessment © 2006 Curriculum K-12 Directorate, NSW Department of Education and Training.
SRA Enabling Programme SRA Board Meeting – Public Session Carey Street, London 26 th February 2009.

SRA Enabling Programme SRA Board Meeting – Public Session Carey Street, London 26 th February 2009.
Guidance Notes on the Investigation of Marine Incidents

Guidance Notes on the Investigation of Marine Incidents
Compliance Performance Measure Proposals and Preliminary Trends Greg Pierce – Chair, Performance Measures Task Force Compliance and Certification Committee.

Compliance Performance Measure Proposals and Preliminary Trends Greg Pierce – Chair, Performance Measures Task Force Compliance and Certification Committee.
Event Management & ITIL V3

Event Management & ITIL V3
Supporting Industry Change Planning: Risk & Milestone Assessment Process & Tools 07/07/2014.

Supporting Industry Change Planning: Risk & Milestone Assessment Process & Tools 07/07/2014.
Requirements validation Csaba Veres. What is it? Validation is the process of checking the requirements document for –completeness –consistency –accuracy.

Requirements validation Csaba Veres. What is it? Validation is the process of checking the requirements document for –completeness –consistency –accuracy.
Performance Measure Recommendations Greg Pierce – Chair, Performance Measures Task Force Compliance and Certification Committee Meeting September 8-9,

Performance Measure Recommendations Greg Pierce – Chair, Performance Measures Task Force Compliance and Certification Committee Meeting September 8-9,
Copyright 2010, The World Bank Group. All Rights Reserved. Principles, criteria and methods Part 2 Quality management Produced in Collaboration between.

Copyright 2010, The World Bank Group. All Rights Reserved. Principles, criteria and methods Part 2 Quality management Produced in Collaboration between.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin 6-1 Chapter Six Internal Control in a Financial Statement Audit.

Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin 6-1 Chapter Six Internal Control in a Financial Statement Audit.
Quality Frameworks: Implementation and Impact Notes by Michael Colledge.

Quality Frameworks: Implementation and Impact Notes by Michael Colledge.
Session 11 & 12. Auditing standard of I.A. & A.D. Prescribes: Auditor should report about weakness in Internal Control of management (Para 7.1.) Weakness.

Session 11 & 12. Auditing standard of I.A. & A.D. Prescribes: Auditor should report about weakness in Internal Control of management (Para 7.1.) Weakness.
Self Assessment SELF ASSESSMENT FOR YOU Ann Pike 30 th September 2010.

Self Assessment SELF ASSESSMENT FOR YOU Ann Pike 30 th September 2010.

Similar presentations

Ads by Google