Most major financial incidents result from operational risk issues that could have been mitigated or even prevented. Because operational risks are often interrelated with other risks, Operational Risk Management (ORM) leaders must translate business issues into ORM actions.
Protiviti’s Operational Risk professionals help organisations to drive operational performance, enhancing regulatory standing and shareholder confidence and are known for our collaborative approach towards helping leading institutions build and evolve their Operational Risk Management programmes so that tangible benefits are realised.
Our services include:
Operational Risk Management Program Assessment/Implementation
Protiviti assists several of our clients with program assessments and implementation efforts geared toward leading practises or regulatory guidance. Protiviti provides project management, advisory and implementation services as part of the ORM program implementations.
Risk Control Self-Assessment (RCSA) Support
The RCSA should be utilised as a method to actively manage risk to business strategies and the health of supporting processes. Protiviti is able to help our clients redesign RCSA methodologies, document initial content to begin an RCSA (Processes, risks and controls) and support with technology implementations such as a GRC platform.
Operational Risk Appetite, Measurement and Reporting Analysis and Implementation
Protiviti has the capabilities to design an innovative suite of risk indicators and reporting. We analyse hundreds of risk and performance metrics, ultimately refining and clearly linking metrics to strategy, objectives and hard to measure risks. We leverage comprehensive industry knowledge and benchmarking to define the risk appetite, then employ monitoring and management techniques which align to the risk appetite at the enterprise level down to lines of business.
Process, Risk and Control evaluations and support
Our operational risk management professionals can assess the completeness and quality of existing risks and controls to identify gaps and ensure consistency. We help our clients re-write, rationalise and improve their risk and control environments.
Monitoring and Testing Support
Protiviti has the capabilities to support first and second lines of defense to design and implement monitoring and testing programs. We can support creation of coverage plans, identifying automated techniques and assessing efficiencies in monitoring and testing operational risks across the organisation.
Operational Loss and Scenario Analysis
Protiviti helps clients to build operational risk loss tracking and analysis programs both for internal losses and external losses. Protiviti also assists organisations in assessing their scenario analysis programs, linkages to emerging risk programs and stress testing and assessing and recommending detailed scenarios. We can provide support in integrating operational loss data and scenario analysis into the RCSA program and broader operational risk program to effectively utilise the output and data to make informed decisions.
Operational Risks Program Assessments and Support
Financial organisation face a variety of operational risks such as third party, new product/service, change management, technology and cyber-security, human resources, data quality, business continuation and financial crime. Protiviti has experience in assessing and implementing these programs and integrating them into the overall operational risk program.
GRC Tool Implementation/Transition:
Protiviti helps clients with GRC software implementations and transitions – including process, risk and control taxonomy alignment and development, risk and control statement definition, data mapping of operational risk data and RCSAs to new structures, and migration of legacy data into new systems. Protiviti also facilitates change management and communication with regards to affected users and stakeholders by partnering with the organisation and technology providers.