ABSTRACT
This chapter highlights the essential internal elements that an organisation needs in order to provide a strong foundation on which to build robust operational risk management practices. Traditionally the functions relating to the management of operational risk are managed independently and are not integrated within the one discipline of ‘operational risk management’. Operational risk management as a discipline has developed to the stage where there should be a recognised formal operational risk management function which consolidates all of the disparate risk management activities into one cohesive and coordinated group. The setting of an organisation’s risk ‘appetite’ is a critical component of operational risk management. It enables risks to be ‘evaluated’ against the appetite and a mechanism for escalating and treating risks that fall outside of the appetite. The operational risk policy should sit under the group risk policy and cover all policy matters concerning operational risk management.
