1 / 20

Operational Risk Management Framework And Control Self Assessment

Operational Risk Management Framework And Control Self Assessment. Maurice A. Krisel Managing Director Broad Street Banking Associates, LLC . Confidential (203) 331 - 5644. David E. Fisher Managing Director Broad Street Banking Associates, LLC.

braith
Download Presentation

Operational Risk Management Framework And Control Self Assessment

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Operational Risk Management Framework And Control Self Assessment Maurice A. Krisel Managing Director Broad Street Banking Associates, LLC. Confidential (203) 331 - 5644 David E. Fisher Managing Director Broad Street Banking Associates, LLC. (203) 434 - 7455

  2. The Vision of Operational Risk Management In 12 to 18 months, your goal should be to create a report for each department and group that summarizes all relevant information that gets combined into a rating for operational risk.

  3. Pillars of Operational Risk Management Senior Management Qualitative/Quantitative Analyses Indicators Losses Issues CSA Common Operational Risk Classification Scheme

  4. Control Self Assessment Framework

  5. Control Self Assessment Outline • Control-Self Assessment Definition • Control-Self Assessment Objectives • Enterprise wide Control Self Assessment Framework • Balanced Scorecard • CSA Methodology • Results • Corporate Governance • CSA Rollout - Project Time Line • Appendix - Delivered Solution 1. Risk Map 2. Excel Based Worksheets 3. HTML Interface 4. Excel Based

  6. Control Self Assessment Definition • Control-Self Assessment is a risk management tool used by business managers to transparently assess risk and control strengths and weaknesses against a Control Framework. The “self” assessment refers to the involvement of management and staff in the assessmentprocess.

  7. Control Self Assessment Objectives • Communication • To ensure better communication of CEO’s objectives and strategies to all business lines • To ensure business line managers communicate their risks and controls more effectively • Education • To ensure business line managers have a better comprehension of effective risk control • To ensure business line managers have a better comprehension of risk management • Proactive Management • To ensure business line managers align their objectives and strategies with the CEO's objectives and strategies • To ensure business line managers assume greater responsibility and accountability for their risks and controls • To ensure business line managers monitor their risk effectively and timely • To ensure business line managers utilize and allocate their resources effectively

  8. Enterprise-wide CSA Framework Goal • To foster a proactive management framework which is pervasive throughout a firm

  9. Enterprise-wide CSA Framework

  10. Step 1: Objective Setting Balanced Scorecard * • A tool that translates a firm’s mission and strategy into a comprehensive set of performance measures that provides the framework for a strategic measurement and management system Objectives • Ensures linkage between the objective of senior management and the businesses • Increased focus on the appropriateness of the objectives • Reinforced as the central “top down” articulation of goals • Provides a framework within which the oversight functions, risk management and the business lines operate

  11. Step 2: CSA Methodology ORCA Framework Objectives Risk Assessment of Key Processes Controls Action Plans • The ORCA framework components fit logically together to form a comprehensive relationship between firm-wide objectives, processes and risks, and controls. This relationship may be viewed as the core of a firm’s internal control.

  12. Step 2: CSA Methodology ORCA Framework To find equilibrium, the business managers must carefully assess the risks inherent within their key processes and apply controls that will work at a reasonable cost.

  13. Step 2: CSA Methodology ORCA Framework

  14. Step 2: CSA Methodology Key Indicators • Metrics to measure the effectiveness of controls in the mitigating or managing risks • TO measure operational problems • TO monitor the quality of the services provided • TO provide early warning for problems • TO aid in the containment of losses • TO determine trends • TO set limits for risk or escalation criteria • TO facilitate everyday decisions.

  15. Step 3: Results Qualitative • Bottom-up feedback to executive management to ascertain how successfully the organization accomplished its strategic vision • Identification of the interdepartmental and thematic risks within the firm Quantitative CSA Metric Score Inherent & Residual Risks Model CSA Scenario Engine

  16. Step 3: Results

  17. Step 3: Results Inherent and Residual risk models provide a sense of the potential monetary impact before and after the implementation of controls. CSA scenario engine may shed insight on how the department’s or firm’s control environment may evolve – for better or worse.

  18. Corporate Governance • Furthermore, the framework readily lends itself to Sarbanes-Oxley and BIS II compliance • The enterprise-wide CSA framework presented here is a key component of a robust corporate governance structure. It enables the organization to inform executive management of the current state of the firm’s risk environment on an ongoing basis • The expected benefits of a strong corporate governance structure are:

  19. Summary The presented enterprise-wide control self-assessment framework: • Provides flexibility and dynamism to evolve with the changing firm • Allows a firm to manage risks from both the “top-down” and “bottom-up” perspectives • Is an integral component of a strong corporate governance structure

  20. Planning Project Scope Define CSA scope Evaluate current firm wide objectives Identify key business areas and processes Obtain Sr. Management support Project Planning Create project timeline Allocate resources Deliverables:Project Plan, Road map CSA Rollout - Project Time Line • Design and Development (Prototype) • Meet with Business Lines • Gather Key business processes • Establish • Create Data Model • Create Database • Create user interface • Load master tables data into database • Create procedure guide Deliverables:CSA beta version software, User guide • Analysis • Define Op Risk components • Firm wide objectives • Risk map • Define CSA components • Objectives and key processes • Risks • Control Methods • Action Plans • Key Risk Indicators • Refine Timeline and estimates Deliverables:Business requirements, User presentation • Implementation • Rollout Control Self Assessment Software • Data Gathering of Business Units CSA • Support business units performing CSA Deliverables:Cutover Plan, CSA application • Close-out • Review user feedback • Establish cyclical review requirements • Update CSA reporting package May June June July September January April August October November February March December Closeout Planning Analysis Implementation Design Development

More Related