Chapter 1 Flash Cards
What is operational risk?
The risk of loss resulting from inadequate or failed internal processes, people and systems or from external events
What are the four primary causal factors of operational risk?
Processes, people, systems, external events
What are the two most common operational risk manifestations?
Business continuity risk and systems/IT risk
Name four common operational risk impacts
Financial efficiency, service, reputation, lost business opportunities
What links cause, event and impact?
The bow-tie model
What goes between cause and event in the bow-tie model?
Preventative controls
What goes between event and impact in the bow-tie model?
Corrective controls
What are the four components of the operational risk management process?
Risk identification, risk assessment, risk response, risk monitoring/reporting
What is the first line of defence in risk governance?
The business units
What is the second line of defence in risk governance?
Central risk management functions
What is the third line of defence in risk governance?
Internal audit
What does RCSA stand for?
Risk and control self-assessment
What do risk indicators measure?
Exposure to key risks
What do control indicators measure?
Effectiveness of key controls
What are near misses in operational risk?
Events that could have caused loss but did not