Operational Risk

Body

Most major financial incidents result from operational risk issues that could have been mitigated or even prevented. Because operational risks are often interrelated with other risks, Operational Risk Management (ORM) leaders must translate business issues into ORM actions.

 

Protiviti’s Operational Risk professionals help organizations to drive operational performance, enhancing regulatory standing and shareholder confidence and are known for our collaborative approach towards helping leading institutions build and evolve their ORM programs so that tangible benefits are realized.

 

Our services include:

Operational Risk Program Assessment/Implementation

Protiviti assists several of our clients with program assessments and implementation efforts geared toward leading practices or regulatory guidance. Protiviti provides project management, advisory and implementation services as part of the ORM program implementations.

Risk Control Self-Assessment (RCSA) Support

The RCSA should be utilized as a method to actively manage risk to business strategies and the health of supporting processes. Protiviti is able to help our clients redesign RCSA methodologies, document initial content to begin an RCSA (Processes, risks and controls) and support with technology implementations such as a GRC platform.

Operational Risk Appetite, Measurement and Reporting Analysis and Implementation

Protiviti has the capabilities to design an innovative suite of risk indicators and reporting. We analyze hundreds of risk and performance metrics, ultimately refining and clearly linking metrics to strategy, objectives and hard to measure risks. We leverage comprehensive industry knowledge and benchmarking to define the risk appetite, then employ monitoring and management techniques which align to the risk appetite at the enterprise level down to lines of business.

Process, Risk and Control evaluations and support

Our operational risk management professionals can assess the completeness and quality of existing risks and controls to identify gaps and ensure consistency.  We help our clients re-write, rationalize and improve their risk and control environments.

Monitoring and Testing Support

Protiviti has the capabilities to support first and second lines of defense to design and implement monitoring and testing programs.  We can support creation of coverage plans, identifying automated techniques and assessing efficiencies in monitoring and testing operational risks across the organization.

Operational Loss and Scenario Analysis

Protiviti helps clients to build operational risk loss tracking and analysis programs both for internal losses and external losses.  Protiviti also assists organizations in assessing their scenario analysis programs, linkages to emerging risk programs and stress testing and assessing and recommending detailed scenarios. We can provide support in integrating operational loss data and scenario analysis into the RCSA program and broader operational risk program to effectively utilize the output and data to make informed decisions.

Operational Risks Program Assessments and Support

Financial organization face a variety of operational risks such as third party , new product/service, change management, technology and cyber-security, human resources, data quality, business continuation and financial crime.  Protiviti has experience in assessing and implementing these programs and integrating them into the overall operational risk program.

GRC Tool Implementation/Transition:

Protiviti helps clients with GRC software implementations and transitions – including process, risk and control taxonomy alignment and development, risk and control statement definition, data mapping of operational risk data and RCSAs to new structures, and migration of legacy data into new systems. Protiviti also facilitates change management and communication with regards to affected users and stakeholders by partnering with the organization and technology providers.