There is a growing threat on the business horizon. The risk of loss from inadequate or failed processes, people, and systems or from external events is taking executives by storm. This definition of Operational Risk also includes legal risk, which is the risk of loss from failure to comply with laws as well as prudent ethical standards and contractual obligations. It also includes exposure to litigation from all aspects of institutions activities. In the course of a single day the organizational exposure to threats ranges from low to severe on the horizontal axis. It isn’t until you put the vertical spectrum into consideration that you arrive at your "Operational Risk Profile" for that particular slice of time. This vertical axis is the range of consequences that would impact the business should the threat event actually occur. It ranges from minor to disastrous. Each day our organizations live in a dynamic spectrum of tolerable and intolerable threats to our most precious corporate assets.
The Take Away
While you were in the Board of Directors meeting, your Operational Risk Profile changed. When you were asleep last night it changed again. The people, processes, systems and external events are interacting to create a new and dynamic threat matrix for your organization. Who is responsible for Operational Risk Management in your business? Everyone is. You see, if everyone in the organization was able to understand and perform the mission flawlessly, then the business could stay in the lower left quadrant. This is where the threat exposure is low and the consequences are minimal. This is exactly why you are spending less and less time here. Only a guarded few understand the mission of operational risk management in your company. Only a guarded few can do it flawlessly. If you want to protect your corporate assets better than you do today, then turn those guarded few into the mission ready many.