05 January 2020

ORM: Pervasive Risk Across Disciplines...

What is the origin of the "Operational Risk Management" (ORM) discipline? Was it derived from the work within the financial services industry from the Basel II initiatives?

The definitions and the actual work towards creating standards of conduct and rule-based design has been evolving for the past few decades.

Operational Risk and the approach to risk that is not otherwise considered to be market or credit risk, is one mind set. The other mind set considers the hazards associated with the threat to our valuable assets.

Either point of view depends on the environment that you operate in and the risks associated with that environment.

To give a quick example, here are a few views into Operational Risk in the United States:

"It didn’t take long—the first attack on a U.S. government website hit on Saturday, a day after the killing of Qassem Suleimani in Baghdad. The fact there was an attack is not a surprise—speculation has been rife. And the style of the attack is consistent with the nature of the primary cyber threat we now face. Hackers claiming to be linked to Iran targeted a low-level domain—the website of the Federal Depository Library Program—defacing its home page, echoing Teheran’s threats of vengeance alongside imagery of President Trump, Ayatollah Khamenei and the Iranian flag" Forbes

"Boeing will still burn more than $1 billion a month even after halting 737 Max production, according to J.P. Morgan.  Boeing’s decision to stop suspend production of the troubled aircraft was made in light of months of cash-draining groundings worldwide, but the company’s internal overhead and labor expenses will remain and will increase cash burn, analyst Seth Seifman wrote to clients."  CNBC

These examples encompass a U.S. government agency and a private sector U.S.-based global aerospace company.  Both are operational risk scenarios that could contribute to losses that will also impact the reputation of the entity involved.

That aspect alone, could be the major factor in why Operational Risk Management is such a growing discipline in our 2020 global landscape.

Some of the earliest origins of the Operational Risk concerns come from the military. The U.S. Navy is one of the branches who has embraced it fully:
  • Purpose. To establish policy, guidelines, procedures, and responsibilities per reference (a), standardize the operational risk management (ORM) process across the Navy, and establish the ORM training continuum.
  • Scope. This instruction applies to all Navy activities, commands, personnel, and contractors under the direct supervision of government personnel.
  • Discussion. Risk is inherent in all tasks, training, missions, operations, and in personal activities no matter how routine. The most common cause of task degradation or mission failure is human error, specifically the inability to consistently manage risk. ORM reduces or offsets risks by systematically identifying hazards and assessing and controlling the associated risks allowing decisions to be made that weigh risks against mission or task benefits. As professionals, Navy personnel are responsible for managing risk in all tasks while leaders at all levels are responsible for ensuring proper procedures are in place and that appropriate resources are available for their personnel to perform assigned tasks. The Navy vision is to develop an environment in which every officer, enlisted, or civilian person is trained and motivated to personally manage risk in everything they do.
If only our major business entities would would fully encompass the following steps with all employees and processes then more lives would be saved, corporate assets would be protected and the enterprise would be ever more resilient:

(1) Identify the hazards;

(2) Assess the hazards;

(3) Make risk decisions;

(4) Implement controls; and

(5) Supervise.
Yet the losses and the potential for loss continues across the organizations who are well equipped to make Operational Risk Management a part of every person and operating divisions daily mind set:

The places change, the numbers change, but the choice of weapon remains the same. In the United States, people who want to kill a lot of other people most often do it with guns.

Public mass shootings account for a tiny fraction of the country’s gun deaths, but they are uniquely terrifying because they occur without warning in the most mundane places. Most of the victims are chosen not for what they have done but simply for where they happen to be.

There is no universally accepted definition of a public mass shooting, and this piece defines it narrowly. It looks at the 172 shootings in which four or more people were killed by a lone shooter (two shooters in a few cases). It does not include shootings tied to robberies that went awry, and it does not include domestic shootings that took place exclusively in private homes. A broader definition would yield much higher numbers.

Whether it is on the deck of an aircraft carrier or within any organizations business facility, operational risk is pervasive. It is up to you and your organization to begin to make a difference...

No comments:

Post a Comment