Savvy Operational Risk Management Executives and Audit Committee Directors should ask themselves the following questions:
Do we have the management systems we require to audit compliance, risk, and claims data?
Are the corporate data collection systems automated?
Are we in compliance with state and federal regulations affecting my industry?
How do we merge data from internal and external sources so it provides me with a holistic view of risk?
How do we easily compare data across Lines of Business?
How do we chart risk exposures in real-time for the company as a whole?
How do we access our audit information in the organization?
In our current threat environment, interested parties inside and outside of an organization are demanding more accountability from Board Directors to handle all facets of Operational Risk Management (ORM). This cannot happen until there is a clear understanding of the different types of risk that could impact the company as well as the consequences and frequency.
In order to survive, corporations need a "4D Risk Strategy". Only then, can any of these questions begin to be answered with any certainty.