Operational Risk Management

Keeping you on the leading edge of risk management and empowering you with proactive risk insights while improving your bottom line.

Establish and transform Operational Risk Management (ORM) functions. We help you to assess, build, and integrate operational risks into your ORM program to enhance risk management capabilities.

Proactive leaders understand they must adopt more innovative risk management practises to succeed against the challenges of today’s customers, shareholders, employees, and the risk and regulatory environment.

Leveraging emerging technologies, harnessing data and information, understanding organisational processes, and maintaining a strong control environment will help firms stay on the leading edge of risk management and empower leaders with proactive risk insights while improving their bottom line.

We help you to identify, construct, and integrate operational risks

Our Operational Risk Management services

Pro Briefcase

ORM Program Strategy and Management

ORM program strategy and governance are key to successfully meeting regulatory guidance. We help you establish risk governance and frameworks, document policies and procedures, identify and quantify risk and risk appetite.

Pro Building office

Operational Risk Assessment

Develop, integrate, and execute risk assessment programs, across people, process, and technology risks. Insight into the effectiveness of your ORM program is key to maintaining an agile function capable of responding to the changing environment.

Pro Document Consent

Control Environment Design and Assessment

Effective risk mitigation needs mature risk and control environments. We help you develop and enhance control environments by assessing/defining processes, identifying/documenting risks, developing/documenting controls, addressing control gaps and optimising controls.

Pro Document Files

Control Validation and Testing

We enable your lines of defence to design and implement monitoring and testing programs, including creating/executing coverage plans, automated techniques, and centralised testing. Effective controls for validation and assurance are critical to managing risk.

Pro Document Stack

Risk Control Self-Assessment (RCSA) Design and Implementation

Protiviti provides expertise related to establishing RCSA programs, developing RCSA methods, implementing supporting risk technology tools, and executing advisory assistance. The RCSA process helps actively manage risk to business strategies and supporting processes.

Pro Legal Briefcase

Issue Management Support

Remediate identified gaps and enhance your control environment by shepherding issues through and improving the issue management life cycle, identifying risks, developing controls, and updating processes to ensure risk mitigation and issue closure.

Pro Workflow Flowchart

ORM Analytics

Harness the power of data across your organisation, leveraging leading technologies and data analytics to transform data to provide insight and foresight for management and proactive risk management reporting.

web graphic

Our approach

Protiviti has a record of success in helping clients develop strong risk management practises with the responsiveness required for an ever-changing business environment.

We work with over 75 percent of the world’s largest financial institutions, which benefit from our collaborative team approach to resolving today’s risk management challenges.

Our professional consultants have varied industry and regulatory backgrounds that enable our unified Financial Services practise, with the seamless integration of risk and compliance, technology, data, and analytics solutions, to develop customised agile risk management approaches to meet your present and future challenges.

Our expertise gives you the tools to build an effective operational risk management program to reap both immediate and long-term benefits using the framework:

web graphic


Meghan Jankelow
Meghan is a Managing Director in the Risk and Compliance practice and co-leads the Operational Risk Management segment. Her client experience includes large and regional banks as well as domestic and internationally active insurers. Meghan has assisted financial service ...
Jenna Fitzsimmons
Jenna is a Managing Director in Protiviti’s Financial Services practice focusing in the Risk and Compliance solution. She has worked on numerous engagements impacting key functional areas for large national and global financial institutions. Jenna has extensive program ...



Podcast: Future of Operational Risk

Managing risks and strengthening controls associated with operations have become increasingly more complex for all organisations. Firms are expending significant time, money, and resources to implement required changes and prioritise operational risk...
Read More



U.K. Supervisory Authorities and Basel Committee Refine Operational Resilience Approaches, Align on Expectations for Firms

Several Key Policies Take Effect March 31, 2022 On March 29, 2021, the Bank of England (BoE), the Prudential Regulation Authority (PRA) and the Financial Conduct Authority (FCA) issued a series of policy statements to both refine and finalise...
Read More



Agile Risk Management - Navigating Changing Dynamics

Including results of Protiviti’s large financial institution survey on business control functions An organisation’s overall risk governance framework and the resulting interaction across the three lines of defense are critical to business success....


Blog Generic 1

Agile Risk Management – Reinventing RCSAs

Protiviti’s Agile Risk Management philosophy enables organisations to focus on growth, improve efficiency and become more effective in managing risk while providing greater value to business partners. Effective risk identification and assessment...
Read More