process based risk management
Post on 08-Jun-2015
7.998 Views
Preview:
DESCRIPTION
TRANSCRIPT
ProcessProcess--basedbased RiskRisk ManagementManagementBeyond Compliance
Why is it so important?
People
Operational Risk Management
EnvironmentEnvironment
TechnologyProcess
2009.05.11. Péter Fehér - Corvinno Technology Transfer Center 3
Loss event categories
Business
Disruption &
System FailuresClients, products
and business
practices
Damage to
Physical Assets
External Fraud
Internal Fraud
Loss
Ris
k
Physical Assets
Employment
practices and
workplace
safety
Execution,
Delivery &
Process
Management
2009.05.11. Péter Fehér - Corvinno Technology Transfer Center 4
Pro
cess
Ris
k
Risks in processes
• Payment, settlement, reconciliation, modeling, pricing, capacity…
• Dealing with vendors and suppliers, including oursourcingsuppliers, including oursourcing
• Documentation requirements
• Internal and external complianceissues
• Customer management
2009.05.11. Péter Fehér - Corvinno Technology Transfer Center 5
Current ORM Challenges
• Focusing more on compliance and less on risk management
• Risk management• Risk management
– Low visibility, hidden risks
– High complexity
– Interdependency
– High impact
2009.05.11. Péter Fehér - Corvinno Technology Transfer Center 6
Process classification
• Operational risk should be examined in all level
Management Strategy, Controlling, SHRM
2009.05.11. Péter Fehér - Corvinno Technology Transfer Center 7
Business Lines
Value adding activities
Support, back office
IT, HR, Legal, Finance…
Process problems
• Do not exist
• If exist, were not documented
• If exist, documented, are not followedare not followed
• If exist, documented and followed, are not measured and controlled
2009.05.11. Péter Fehér - Corvinno Technology Transfer Center 8
Process-based RiskManagement ApproachManagement Approach
Integrating risk and processmanagement
RiskProcess
Process-based risk management
2009.05.11. Péter Fehér - Corvinno Technology Transfer Center 10
RiskProcess
Risk-based process management
Process and risk
• Integrates tasks and resources
– Human
– Technical solutions
– Information (documents, databases)– Information (documents, databases)
• Records cross-unit processes
• Manages responsibilities
2009.05.11. Péter Fehér - Corvinno Technology Transfer Center 11
Helps to identify hidden risks!
Process and risk
• Loss related to a specific process or activity
– Process based risk management
• Inadeqate performance of a process or a service
– Outage of business services– Outage of business services
– Outage of IT services
– Incident management
– Business continuity management
• ( and )
2009.05.11. Péter Fehér - Corvinno Technology Transfer Center 12
Corpo
rate
finan
ce
Tradin
g an
d sale
s
Retail b
ankin
g
Commer
cial b
ankin
g
Paymen
t and
settle
ment
Agenc
y ser
vices
Asset
man
agem
ent
Retail b
roke
rage
Internal Fraud
External Fraud
Execution, Delivery & Process Management
Employment practices and workplace safety
Damage to Physical Assets
Clients, products and business practices
Business Disruption & System Failures
Üzleti kategóriák
Veszteség kategóriák
Osztályok
Business Disruption & System Failures
Emberek
Folyamatok
TechnológiaKülső tényezők
Key Risk Indicator 1
Key Risk Indicator 2
Key Risk Indicator 3
Risk 1
Risk 2
Risk 3
Process-based risk management
• Who, what, when, how
• Resources
Identifying and modelling processes
• What could prevent us to perform this task?
• What requires for achieving quality results?
Risk identification and assessment • What requires for achieving quality results?and assessment
• Can’t eliminate every risk
• Embedded controls
Control planning and deployment
• As a tool for risk management
• As a tool for organisational efficiency
Process development
2009.05.11. Péter Fehér - Corvinno Technology Transfer Center 14
Process modelling
Process map
Process model
Organisational model
Documents
IT Systems
Products
Risks and Controls
2009.05.11. Péter Fehér - Corvinno Technology Transfer Center 15
Risk analysis
• Related to
– Activity
– Resources
• Human• Human
• IT
• Information
• Where and Why?
2009.05.11. Péter Fehér - Corvinno Technology Transfer Center 16
Process Models created by the ADONIS system.
Risk assessment
• Experts
– Previous experiences
– Existing knowledge
• Collected historical data• Collected historical data
• Quantifying expected loss
• Indicators (KPI, KRI)
• Modelling risk
2009.05.11. Péter Fehér - Corvinno Technology Transfer Center 17
Risk overview
• Summarising risks
• Analysing interdependencies
• Scenario analysis:
– Exceptional events– Exceptional events
– Simulations based on processmodel
– Capacities, trends, pathanalysis
2009.05.11. Péter Fehér - Corvinno Technology Transfer Center 18
Controls
• Activity or process
• Ideal control: preventive and automatic
• Human accountability and responsibility
• Workflow• Workflow
2009.05.11. Péter Fehér - Corvinno Technology Transfer Center 19
Process Models created by the ADONIS system.
Process development
• Tool for risk management
• Developing general controls
• Combining with process management requirements– Time
– Quality
– Resources
• Achievable objectives– Where are we now (AS-IS)?
– Where do we want to go (TO-BE)?
• Output can be a policy
2009.05.11. Péter Fehér - Corvinno Technology Transfer Center 20
Challenges
• Developing the process-based approach requires a systematic approach
• Conscious business process management is a requirementrequirement
• Continuous maintenance is required
• Cooperation of front-office and back-office
2009.05.11. Péter Fehér - Corvinno Technology Transfer Center 21
Summary
• Why use the process-based approach?
– Measurement of losses is not risk management
– Helps to identify hidden and soft risks
– Helps to analyse risks is details– Helps to analyse risks is details
– Controls processes and risks
– Can involve every stakeholder in the development
– Provides the possibility of conscious risk management
2009.05.11. Péter Fehér - Corvinno Technology Transfer Center 22
Thank You!
Péter Fehér
Corvinno Technology Transfer CenterH-1093 Budapest, Közraktár utca 12/a.
Tel/Fax: 06 1 210 80 62 http://www.corvinno.com
top related