Critical operational and/or business support, service or product related activity (provided internally or externally), including its dependencies and single points of failure, which enables an organization to achieve its business objective(s), taking into account seasonal trends and/or critical timing issues.
The trend to create "virtual" organizations raises a number of new issues as it pertains to interdependencies and single points of failure. The ability to provide sourcing alternatives in the event of a catastrophic failure of an MCA provider is a key priority. As the trend becomes more operational and logistically complex organizations must exercise more often to determine where processes or systems weaknesses occur.
An organizational Business Crisis & Continuity Management (BCCM) strategy ensures resilience and high reliability of MCA's. At the process level is a documented framework that identifies the organizations MCA's in the context of products or services.
One key outcome is the definition of the BCCM relationship, positioning and connection with other risk related functions, e.g. Operational Risk Management (ORM) A critical component of getting this BCCM relationship connected with the risk management culture is through awareness and education training.
Ownership of BCCM by organizational lines of business, especially where Operational Risk originates and resides is paramount. No matter how well designed a strategy may be, exercising and testing on a regular basis is necessary to identify potential issues during a real incident.
And no BCCM is complete without measurement and audit. You must verify compliance independently to highlight key material deficiencies and issues to ensure their resolution.
At the end of the day, the question is this.
operational risk