O SlideShare utiliza cookies para otimizar a funcionalidade e o desempenho do site, assim como para apresentar publicidade mais relevante aos nossos usuários. Se você continuar a navegar o site, você aceita o uso de cookies. Leia nosso Contrato do Usuário e nossa Política de Privacidade.
O SlideShare utiliza cookies para otimizar a funcionalidade e o desempenho do site, assim como para apresentar publicidade mais relevante aos nossos usuários. Se você continuar a utilizar o site, você aceita o uso de cookies. Leia nossa Política de Privacidade e nosso Contrato do Usuário para obter mais detalhes.
A Scribd passará a dirigir o SlideShare em 1 de dezembro de 2020A partir desta data, a Scribd passará a gerenciar sua conta do SlideShare e qualquer conteúdo que você possa ter na plataforma. Além disso, serão aplicados os Termos gerais de uso e a Política de Privacidade da Scribd. Se prefira sair da plataforma, por favor, encerre sua conta do SlideShare. Saiba mais.
Assessment of Risk MitigationStrategiesPresented b y:Eneni Oduw oleGroup Head, Operational Risk Mgt.Guaranty Trust Bank Plc
OutlineWhat is Risk AssessmentCase StudyProcess for Assessing RiskOptions for Evaluating RiskEvaluation of Mitigation Strategies
What is Risk Assessment?A logical and objective (qualitative / quantitative)approach to analyzing and interpreting data with thepurpose of PREDICTING possible adverse eff ectsA formal way to CALCULAT E risk so that informeddecisions can be made; it bears an element ofuncertainty Risk = Exposure . Exposure Limit
Case StudyIn 2007, the senior management of CSBank Ltd decided tolook for better ways to use its IT infrastructure andinvestments to prudently and effectively support growthThe Bank had grown rapidly as a result of both acquisitionsand the entrepreneurial cultures in its lines of business whichresulted in difficulties in managing the organization s ITlandscapeIt hopes to achieve first mover advantage with new businessopportunities that emerge, the use of initiative is encouragedamongst business unit headsWhat are the major risks faced by this Bank?
Process for Assessing RiskReview strategy & business modelIdentify gaps between desired and actual resultsConduct risk assessment (identi fies prevalent risks) f2Assess impact & f requencyDevelop & implement controlsReassess risk exposures and controlsCommunicate and document f indings
Options for Evaluati ng RiskConducting Periodic Risk AssessmentsRisk MappingMaintaining a Risk RegisterPeriodic Revie w of Contingency Plans
Evaluation of mitigation strategiesHow to assess risk miti gationIdentification of risk exposuresCritical evaluation of exposuresDealing with the exposures(terminate, tolerate, treat or transfer)Establishment of action plans
Features of Risk Mitigation StrategiesEffectiveness at business unit level: Reduction of riskexposureCost effectiveness: Risk mitigation strategy must be cheaperthan the likely loss estimateAlignment with business model: Risk controls mustseamlessly fit into the work culture and business profile of theorganisationComplexit y: The simpler the strategies, the higher the chances ofadoption by stakeholdersConsistenc y with regulatory / legal & ethicalrequirements
Methods of identifying risk exposuresInterview with stakeholders: one on one chatsTrend analysis: Key Risk Indicator / data analysisBrain-storming: with a group of expertsReview completed checklists, templates and surveys:should be closely monitoredNominal Group Technique: risk manager facilitates the session butdoes not lead the discussionDelphi Technique: reduces chaos
Critical evaluation of Risk ExposuresDefine Exposure Groups ( EGs)Define Exposure ProfilesAscertain likel y frequency of occurrenceDetermine estimated impact on business (w hetherfinancial or non -financial)Determine overall risk ratingDecide acceptabilit y of the risk profile For each EG
Dealing with the Risk Exposur esTerminate : when cost is higher than benefit; no competencies formanaging riskTolerate: when cost is within risk appetite levels or insignificant tobenefit; no brainerTreat: when benefit from business venture is seriously threatened;staff and business model / structure can implement and supportcontrolTransfer: when benefit is threatened but staff / business modelmay not support required control (risk may be shared or transferredcompletely)
Considerations for selecting Action PlansPolicy Changes: Consider regulatory / legal / ethical issues such asmodifications of banking & related policiesIn-House Actions: Consider appropriate plans that would fit intothe organization s business strategy / model / structure, and cultureSimplicity: Action plans should be rid of complexities / complexmethodologies which might sabotage the correction process; new process/ control should be easy for auditors to reviewImplementation: Incorporation of related activities into routinebusiness processes should be seamless; relevant parties should becarried alongReview: Tracking of implementation should be easy; effectiveness ofcontrol should be tested periodically