Chapter 13: Incident Data Collection Flashcards

1
Q

What is the definition of “Incident Data Collection”?

A

The process of gathering detailed information about incidents and events that may pose risks to the organisation.

2
Q

What is the Importance of “Incident Data Collection”?

For identifying what, what does this support?

A
  • Identifying root causes, patterns and improving risk management
  • Aids with regulatory compliance
3
Q

What are the 4 data collection methods?

A
  • Automated systems: Software to capture and log incidents in real time
  • Manual Reporting: Staff report incidents through forms / channels
  • Audits and reviews
  • Using existing sources: general ledgers, client complaints, IT logs and legal provisions to collect incident data.
4
Q

When discussing loss reporting, why is “Data Beyond Regulation” important?

Why might reporting data for regs actually help the firm?

A

It not only meets data requirements but can also improve profitability and internal controls.

5
Q

What is the link between loss data reporting and Basel II?

A

Collecting and analyzing high-quality loss data improves governance and reduces capital add-ons under regulatory frameworks.

6
Q

Is loss data a major driver of regulatory capital requirements?

If so, under which regulations?

A

Yes.

Under Basel regulations (AMA and SMA)

7
Q

What are the BCBS data quality requirements?

How many years history period and threshold?

A

10 years and a 20,000 EUR threshold

Must be reviewed independently.

8
Q

What is meant by a firm's “Broader View”, when comparing Losses Vs. Incidents?

What will they track that regulators won't?

A

Organizations will also track “incidents” (e.g., near misses, unintentional gains, incidents without direct financial impact), not just losses

9
Q

What is the definition of a “Near miss”?

A

Avoided losses by luck or by accident outside of normal controls.

10
Q

What type of losses do regulators focus on (Basel Committee)?

What do they ignore?

A

Basel Committee focuses only on directly identifiable financial losses for regulatory purposes, ignoring other operational incidents.

11
Q

What is a “Direct loss”?

Give examples

A

An immediate financial consequence e.g. client compensation or a regulatory fine

12
Q

What is meant by the “Non-financial impacts fallacy”?

What can happen if this has not been taken into account?

A

Non-financial impacts have real financial consequences. Failing to identify them properly leads to underestimating operational risk costs.

13
Q

What is an “Indirect loss”?

Give examples

A

Resulting impacts that can lead to knock-on financial loss, like loss of customers or reputational damage

14
Q

When recording data, why is it important to stick to essential data fields?

A

To avoid over-reporting. Use drop-down menus to ensure consistency in reporting risks, causes, impacts, and controls

15
Q

What is the difference between Net and Gross Losses?

A

Net includes reimbursements; gross is total impact

16
Q

What are the thresholds in data loss reporting?

Can these be manipulated?

A

Vary from zero to €20,000; must be justified and not manipulated.

17
Q

What are the 4 key dates when reporting an incident?

A
  • Date of discovery (first identified)
  • Date of occurrence (when it actually happened)
  • Date of reporting (entered into database)
  • Date of accounting (when financial impacts occur on the GL)
18
Q

When should material incidents be reported (No. Days)?

What about for smaller events?

A

Within 2-5 days; minor incidents can be summarised periodically.

19
Q

What is meant by “Grouped losses”?

Why might this be necessary?

A

Combine multiple events from the same failure into one loss for accurate reflection.

20
Q

Should a company use potential impact, not actual losses, when gauging severity?

What are severity bands?

A

Yes, near misses and unintentional gains should be treated like actual losses.

Use severity bands (e.g., >10k, >100k) for ease.

21
Q

What are the steps in the incident data collection process?

4 Rs, 1 A (NOTE: Reporting sandwich)

A
  • Reporting: Establish a clear and accessible reporting system.
  • Recording: Use standardised forms and fields to record incidents
  • Reviewing: Regularly review and validate the data collected
  • Analysing: Analyze the data to find root cause and trend
  • Reporting: Generate regular reports for management and regulatory bodies.
22
Q

What is meant by a boundary event?

When the risk impact materialises where?

A

Boundary events occur when the impact materializes in a different risk class than the cause (e.g., a credit loss due to an operational error).

23
Q

What are the types of incident data?

There are 3.

A
  • Internal Data
  • External Data
  • Near miss data
24
Q

What are the challenges with data collection?

There are 4.

A
  • Under-reporting: Fear of blame or repercussions limits reporting.
  • Data Quality: Ensuring completeness and accuracy.
  • Integration: Combining sources can lead to inconsistency.
  • Timeliness: Delays in reporting can affect accuracy and usefulness.
25
Q

What is the Basel Committee approach to Boundary Event Reporting?

Recording records in what line of business?

A

Basel suggests recording events where they materialize, as long as credit losses are covered by risk-weighted capital, without untangling causes.

26
Q

Compared to the Basel approach, what is the management perspective on where to record "Boundary Events"?

What issue can this cause? ARIGINAL!!!

A
  • Many firms reclassify boundary events to their original risk class, especially for significant losses. This practice can face resistance from business lines, especially for small, recurring events.
27
Q

What is the purpose of regulatory focus in data management?

Ensures the completion of what fields?

A

Ensures completeness and accuracy of key fields such as dates, loss classifications, group loss consolidation, and comparison of expected vs. settled losses.

28
Q

How do regulators assess comprehensive data collection?

What techniques/bodies do they also use?

A

By evaluating the breadth of incident reporting and validating data through reconciliations with the general ledger, internal audit, or third-party reviews.

29
Q

What role does the General Ledger (GL) play in data collection?

A

It is a valuable source for identifying operational losses, though its usability depends on ledger rubrics.

30
Q

How are IT logs utilised in operational risk management?

How many priorities are there?

A

Priority 1 and 2 incidents often feed directly into the operational risk database.

31
Q

What are some other sources of data that can benefit operational risk management?

Law, CaaSm, IL4U and BBC

A

Provisions for lawsuits, customer complaints, compensations, and media alerts.

32
Q

Why should firms integrate data collection across departments?

What should be leveraged instead?

A

To reduce effort, duplication, and improve data quality by leveraging existing databases rather than using standalone systems.