Chapter 2 - Key Learning Questions Flashcards

1
Q

What are the fundamental components of a firm’s risk governance framework?

A

The fundamental components of the risk governance framework are:
* the governing body,
* the risk owners,
* those who fulfil risk oversight functions and
* those who fulfil risk assurance.

(Section 2.1.1)

2
Q

Do you understand how to distinguish operational risk as a discipline and as a function?

A

Operational risk as a discipline falls on every individual in a firm, as an inherent part of their day-to-day responsibilities. Operational risk as a function refers to the independent risk management department that oversees operational risk.

(Section 2.1.1)

3
Q

What are the key aspects of the three lines of defence model?

A

The key aspects are: first line - risk owners; second line - risk oversight; third line - risk assurance

(Section 2.1.1)

4
Q

What are the key topics included within a firm’s operational risk policy?

A
  • Purpose and scope,
  • definitions,
  • risk appetite statement,
  • roles and responsibilities,
  • overview of ORM framework and processes,
  • ethical and behavioral guidelines,
  • glossary.

(Section 2.1.2)

5
Q

What are the indicators of a robust and weak risk culture?

A
  • Robust: tone at the top, clear communication of values, clarity of roles and responsibilities, aligned incentives.
  • Weak: lack of commitment from leadership, poor communication, misaligned incentives.

(Section 2.1.3)

6
Q

What does the concept of “use test” cover and how can it be applied to operational risk management?

A

It tests that operational risk tools and processes are actually embedded and used, not just developed to satisfy regulatory needs. This can be evidenced through meeting minutes, risk reporting, control assessments, etc.

7
Q

How should changes to the internal and external business environment be considered for the management of operational risk?

A

Changes should be continually identified and risks reassessed accordingly on an ongoing basis, with review frequency based on risk criticality.

(Section 2.1.5)

8
Q

What are the key responsibilities and accountabilities of the governing body in management of operational risk?

A

Establishing strategy, risk appetite and culture; approving policies and roles; overseeing operational risk framework; holding management accountable.

(Section 2.3.1)

9
Q

What are the key responsibilities and accountabilities of the risk committee in management of operational risk?

A

Primary risk oversight on behalf of board; advises on risk strategy, appetite and culture.

(Section 2.3.2)

10
Q

What are the key responsibilities and accountabilities of the audit committee in management of operational risk?

A

Ensures appropriateness of financial reporting and controls; oversees internal audit.

(Section 2.3.3)

11
Q

What are the key responsibilities and accountabilities of the risk management function in management of operational risk?

A

Oversight and challenge of risk management framework and policies; independent of business lines.

(Section 2.3.4)

12
Q

What are the key responsibilities and accountabilities of the chief risk officer in management of operational risk?

A

Leadership and direction setting for risk management; policy development; establish risk framework and oversight infrastructure; advise management.

(Section 2.3.5)

13
Q

What are the key needs and expectations of regulators in relation to a firm’s management of operational risk?

A

Adoption of principles around operational risk culture, governance, appetite, identification and assessment, change management, monitoring, control and mitigation, resilience and continuity.

(Section 2.4.1)

14
Q

What are the key needs and expectations of investors from a firm towards management of operational risk?

A

Communication on risk approach, process and exposures to provide assurance and enable comparison across firms.

(Section 2.4.2)

15
Q

What are the key needs and expectations of customers from a firm towards management of operational risk?

A

Fair treatment, appropriate products, clear information, products/services that meet expectations.

(Section 2.4.3)

16
Q

What are the key needs and expectations of third parties from a firm towards management of operational risk?

A
  • Sound contracts,
  • processes for reporting/monitoring,
  • training provision,
  • adequate resources/technology/governance.

(Section 2.4.4)

17
Q

What are the key needs and expectations of rating agencies from a firm towards management of operational risk?

A

Assessment of quality of risk management and culture in addition to financial metrics.

(Section 2.4.5)