Most major financial incidents result from operational risk issues that could have been mitigated or even prevented. Because operational risks are often interrelated with other risks, Operational Risk Management (ORM) leaders must translate business issues into ORM actions.
Protiviti’s Operational Risk professionals help organisations to drive operational performance, enhancing regulatory standing and shareholder confidence and are known for our collaborative approach towards helping leading institutions build and evolve their Operational Risk Management programmes so that tangible benefits are realised.
Our services include:
Operational Risk Management Programme Assessment/Implementation
Protiviti assists several of our clients with programme assessments and implementation efforts geared toward leading practises or regulatory guidance. Protiviti provides project management, advisory and implementation services as part of the ORM programme implementations.
Risk Control Self-Assessment (RCSA) Support
The RCSA should be utilised as a method to actively manage risk to business strategies and the health of supporting processes. Protiviti is able to help our clients redesign RCSA methodologies, document initial content to begin an RCSA (Processes, risks and controls) and support with technology implementations such as a GRC platform.
Operational Risk Appetite, Measurement and Reporting Analysis and Implementation
Protiviti has the capabilities to design an innovative suite of risk indicators and reporting. We analyse hundreds of risk and performance metrics, ultimately refining and clearly linking metrics to strategy, objectives and hard to measure risks. We leverage comprehensive industry knowledge and benchmarking to define the risk appetite, then employ monitoring and management techniques which align to the risk appetite at the enterprise level down to lines of business.
Process, Risk and Control evaluations and support
Our operational risk management professionals can assess the completeness and quality of existing risks and controls to identify gaps and ensure consistency. We help our clients re-write, rationalise and improve their risk and control environments.
Monitoring and Testing Support
Protiviti has the capabilities to support first and second lines of defense to design and implement monitoring and testing programmes. We can support creation of coverage plans, identifying automated techniques and assessing efficiencies in monitoring and testing operational risks across the organisation.
Operational Loss and Scenario Analysis
Protiviti helps clients to build operational risk loss tracking and analysis programmes both for internal losses and external losses. Protiviti also assists organisations in assessing their scenario analysis programmes, linkages to emerging risk programmes and stress testing and assessing and recommending detailed scenarios. We can provide support in integrating operational loss data and scenario analysis into the RCSA programme and broader operational risk programme to effectively utilise the output and data to make informed decisions.
Operational Risks Programme Assessments and Support
Financial organisation face a variety of operational risks such as third party , new product/service, change management, technology and cyber-security, human resources, data quality, business continuation and financial crime. Protiviti has experience in assessing and implementing these programmes and integrating them into the overall operational risk programme.
GRC Tool Implementation/Transition:
Protiviti helps clients with GRC software implementations and transitions – including process, risk and control taxonomy alignment and development, risk and control statement definition, data mapping of operational risk data and RCSAs to new structures, and migration of legacy data into new systems. Protiviti also facilitates change management and communication with regards to affected users and stakeholders by partnering with the organisation and technology providers.
At the foundation of the Agile Risk Management Framework is the central premise that business management and risk management should create a unified operating model with clear first, second and third line accountability.
Learn more at Agile Risk Management.
The Protiviti Risk Index™ offers an innovative approach to risk reporting, by combining an effective, efficient, and customised risk management tool with leading data visualisation technology.
Learn more at The Protiviti Risk Index™.
Issue Management is a critical measure of an organisations's risk management program because it is a key component in identifying risk and mitigating potential risk.