What is the scope of operational risk management?
Operational risk is recognised as being distinct from market risk and credit or trade risk (although an operational failure may result in a loss of control and an increase in exposure in these areas also). However, as the definition suggests, ORM confines itself to managing those elements that fall within the business operational remit. They include: * Process and procedural robustness and integrity * People, skills and training * Insurance and self-insurance * The supply chain, outsourcing and inherited risk * Infrastructure, systems and telecommunications * Physical and information security. What is the value of operational risk management? Undoubtedly, you already manage your exposure to operational risk in a number of ways; you lock doors and windows at night, you encourage staff to access the firm’s data securely, you run anti-virus software and so on. But most companies buy CCTV only after a break-in. They test their backups only after a system failed. They buy disaster recovery
