DRJ Spring 2020

Conference & Exhibit

Attend The #1 BC/DR Event!

Fall Journal

Volume 32, Issue 3

Full Contents Now Available!

Thursday, 08 January 2015 06:00

The Business Value of Operational Risk Management

Written by  John DiMaria, HISP, MHISP

Operational risk management (ORM) is more than knowing how to evaluate risk. It is a continuously-repeated process which includes risk assessment, risk decision-making, and implementation of risk controls that result in risk acceptance, mitigation, or avoidance. ORM is more complicated than a basic definition. According to the Global Association of Risk Professionals (GARP), operational risk management takes on many meanings depending on the industry or framework. A few examples of the different definitions are listed below. In its international standard for banking regulators, the Basel Committee on Banking Supervision defined operational risk as the risk of loss resulting from inadequate or failed processes, people, and systems or from external events. Known as Basel II, this definition includes legal risk but does not address strategic and reputational risk.