All organisations have in place governance arrangements to ensure that they are directed and controlled in a manner consistent with the requirements of their stakeholders (shareholders, creditors, regulators, etc). These governance arrangements will span across all aspects of an organisation’s activities and operations, including strategic and tactical decisions. The management of risk forms a central element of these arrangements. This includes the management of operational risk.
This paper focuses on sound practices for the governance of operational risk. The paper is not intended as a replacement for existing governance codes and standards, such as the UK Corporate Governance Code or the OECD’s Principles of Corporate Governance. Instead, the aim is to highlight practices which may be employed to support the effective and appropriate management of operational risk, as part of the wider governance activities of an organisation.
With sound practices for the governance of operational risk management an organisation can ensure that its operational risk exposures are kept within appetite, compliance is maintained with applicable laws and regulations (e.g. health and safety, environmental, and financial regulations) and that internal policies and procedures for the management of operational risk are followed. Also, operational risk management should support an organisation’s wider corporate governance activity through the control of ‘people risks’, including inappropriate conduct on the part of directors, managers and employees, negligence or criminal activity.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.