Obfuscating Operational Risk Management

Operational Risk Management is continuing to evolve as a key component of an Enterprise Risk Management (“ERM”) program. However, it continues to be an area of great debate as a formal discipline due to its broad focus and impact across the business. One area that confuses and frustrates many businesspeople when confronted with operational risk is the notion of risk appetite vs. risk tolerance. In some cases, the two terms are used interchangeably. However, in other cases, risk appetite refers to the total amount of risk to be taken to achieve a given business objective and risk tolerance refers to specific risk limits associated with a given business activity. The Institute of Operational Risk has developed guidance that is practical and useful for risk practitioners in dealing with these terms. Here’s their view.

In simple terms, expressing Operational Risk Appetite is a question of defining what is acceptable to an organisation and what is not. This could be achieved by deciding, for each type of risk, what is acceptable, what is unacceptable, and the parameters of the area between those two (i.e. what is tolerable).

Regardless of the way these terms are used, the key for operational risk managers is to help businesspeople understand risk in their own terms rather than in risk management vernacular. Otherwise, the focus will remain on terminology rather than what is really important – creating value for the business.


About Wheelhouse Advisors
Wheelhouse Advisors LLC is the publisher of The ERM Current™, an online publication and blog dedicated to providing the latest updates on current trends in Enterprise Risk Management & Control. Wheelhouse Advisors provides cost-effective Enterprise Risk Management & Control solutions to both large and mid-size corporations. To learn more about Wheelhouse Advisors, please visit our web site at www.WheelhouseAdvisors.com.

One Response to Obfuscating Operational Risk Management

  1. Boris says:

    I enjoyed the publication. It is brief and to the point. In fact in financial institutions, the reason for the uncontrolled risks are that organization culture is risk happy ( they like risks for want of better word).
    Senior management does not perceive benefits from risk management, hence, the focus is not there in organization culture to build a risk culture.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: