IERP® Monthly Newsletter Issue 29 September - November 2021 | Page 22

Whose Role Is It To Manage Operational Risk?

What is operational risk? It is usually defined as the prospect of loss resulting from inadequate or failed procedures, systems or policies, or from external events. Generally, it is understood to be the uncertainties and hazards that an organisation has to deal with in the course of its day-to-day business activities. These can range from minor – small, anticipated, accepted human errors – to major events like fraud and corruption leading to bankruptcy, which have devastating, long-term consequences. Operational risk can also be human resource-related, such as frequent absenteeism; or stem from cybersecurity attacks, leading to loss of confidential data. Internal and external fraud are considered operational risks as well.

Natural disasters such as typhoons, landslides and earthquakes are also operational risks, as are technology risks pertaining to automation and artificial intelligence. Categories notwithstanding, poor operational risk management is detrimental to firms; left unchecked, it can destroy a firm’s reputation and cause extensive financial damage. Regardless of similarity of operations or industry, each organisation has risks which are unique to its own situation. While a certain amount of operational risk such as employee error or system failure is almost always accepted as par for the course by organisations, proper strategies should be in place to manage it nevertheless.
