Best Practice in Operational Risk Management
28 - 29 OCTOBER 2019 GULF HOTEL MANAMA / Kingdom of Bahrain
From risk environement to risk culture, the course covers in breadth and depth the most topical elements of operational risk management and its challenges for the financial services industry.
Taught by a world leading expert in the field and highly regarder guest speakers, the course is a must-have for all the operational risk practitioners wishing to benchmark their practice and discuss best practices. It is also a fantastic opportunity for newcomers to gain a comprehensive overview what modern operational risk managers need to know.
Delegates will leave the course equipped with a new network of practitioners, a wealth of content, additional references and readings, and an open line for further questions with the trainer, Ariane Chapelle.
Key Objectives and Learning Outcomes
After the course, participants will know about:
• Best practices in Risk Management Framework
• Maturity and Quality criteria in ORM
• Governance and 3 lines of defense
• Tools for risk identification
• Risk Assessment methods
• Quantifying rare events and cyber risk
• Key control in cyber risk and information security
• Selecting and designing preventive KRIs
• How to differentiate and address human errors
• How to use root cause analysis most effectively
• Best practice in Outsourcing risk management and project risk management
• Golden rules in risk reporting and risk communication
Who Should Attend
• Director and heads of Operational Risk
• Entreprise Risk Managers
• Operational Risk Managers
• Internal Auditors
• Compliance officers
• RegulatorsTiming of the training sessions & outline
Training day: 8:30 am - 17.00 pm
Session 1: 9:30 am - 10.30 am
Session 2: 10:45 am - 12.45 pm
Session 3: 13.30 pm - 14:45 pm
Session 4: 15.00 pm - 17.00 pm
Framework, Risk Assessment & Cyber risk management
Session 1: Risk Management Framework and Governance
• Operational Risk trends and emerging risks
• Governance of Operational Risk: roles and responsibilities, 3 lines of defense
1st line and 2d line: The Partnership Model
• ORM Maturity & Best Practice Criteria
Workshop and discussion: benchmark your ORM practices to your peers and wider
Session 2: Risk Identification & Assessment
• Tools and techniques for risk identification
• Risk register: a list vs. Risk connectivity: network of risks
• Definition and rules for Risk and Control Self Assessment
• Impact and likelihood scales
• Links with risk appetite
Class Exercise: Apply risk assesement to some of your risks
Session 3: Risk Appetite Definition, Statement and Communication
• Industry guidance on Risk Appetite
• Definition and Governance: Communicating Risk Appetite
• Risk Appetite Statements: Features, Templates and Examples
• Cascading and Monitoring Risk Appetite: RCSA and indicators
Class Exercise: express risk appetite, tolerance and limits for two of your top risks
Session 4: Cyber risk and scenario quantification: case study
• Case study on information security
• Taxonomy of information security risks
• Key controls on information and cyber security: behavioural and technical controls
• Assessing rare events – case studies: scenarios assessment of IT disruption, cyber attacks and other data leaks
Class Exercise: Scenario idenfication in Cyber security
Session 1: Outsourcing and Project risk management
• Risk Identification in Outsourcing and Change Management
• Risk ratings of third parties
• Risk ratings of projects
• Key steps and controls in outsourcing risk, and the role of the risk function
• Key steps and controls in project and execution risks and the role of the risk function
Class debate and sharing of best practice
Session 2: Root causes analysis and Control Design
• Slips and mistakes: Typology and causes of human errors
• Effective vs. Illusory controls
• Root cause analysis: identifying patterns of failures
• Bow-tie: a most effective tool to define KRIs and controls
• Mitigation: options and roles of external insurance
Exercise: apply the bow-tie to one of your incident; share the lesssons learned
Session 3: Designing and Selecting Preventive Key Risk Indicators
• KRI, KPI, KCIs: concepts,overlaps and examples
• Essential features of preventive KRIs
• Classifying KRIs: Environmental, Stress, Causal and Failure
• KRI Design: Frequency - Trigger levels - Escalation criteria – Ownership - Data accuracy
• Six steps to define and design preventive KRIs
Class Exercise: Select and design some relevant KRIs for your key risks
Session 4: Risk Reporting and Risk Communication
• The role of incident data collection
• Data features: core losses and tail risks
• Three golden rules of reporting
• Management information: the “reporting cake”
• The value of Risk Management
Class interaction: best practice and sharing of experience
Dr. Ariane Chapelle
Ariane Chapelle, PhD, is an internationally recognised trainer and consultant in Operational Risk. Dr. Chapelle, is Honorary Reader at University College London for the course 'Operational Risk Measurement for Financial Institutions’ and is a Fellow of the Institute of Operational Risk. In 2018, she designed for PRMIA (the Professional Risk Managers' International Association), a Certificate of Learning and Practice in Advanced Operational Risk Management, that she delivers globally, including for the World Bank and the International Monetary Fund.
Dr. Chapelle runs Chapelle Consulting Ltd, a boutique training and consulting firm offering tailored, high-end support in risk management. Her clients include Tier 1 to Tier 3 financial organisations of all kinds and international financial institutions, including central banks and UN agencies.
Ariane Chapelle is a former holder of the Chair of International Finance at the University of Brussels. She has been active in operational risk management since 2000 and held positions of head of operational risk management at ING Group and Lloyds Banking Group.
Her recent textbook “Operational Risk Management: best practices in the financial services industry”, published by Wiley Finance Series in December 2018 has rapidely become the best-seller in the field
In June, 2019 Chapelle Consulting has been awarded the “Outstanding Achievement of the Year in Operational Risk” by risk.net, recognising a year of exceptional realisations in operational risk.
•The course simplifies risk management in a practicable manner - Oghale , Dubai, 2018
•Ariane is an exceptional trainer, engaging and she brings her subject to life with lots of examples from many different organisations. - Eamon M., London, 2014.
•Excellent! Incredibly knowledgeable trainer, who was engaging & inspirational in her delivery. Very practical course. - Steve M., 2013.
•Ariane has been one of the few instructors I've met with a wealth of knowledge in operational risk pillar. - Betsy P., New York, 2015
1250 $ for UAB members
1500 $ for Non-UAB members
fees include attending the workshop, receiving the material, refreshments and a daily lunch.
DULE AND LANGUAGE:
Registration: the first day from 8am to 9 am.
Schedule: from 8:30 am to 17:00 pm daily.
Workshop language: EnglishS OF PAYMENT
A Bankers check shall be drawn at New York to the order of the Union of Arab Banks, or by transfer to the account of the UAB No: 0331-082305/510 Arab Bank - Beirut Lebanon.
For online registration & payment, please visit our website :www.uabonline.org