Media relations, 215
Mergers and acquisitions
(M&As), 38, 275–86
management information,
277–9
merging working practices,
280–3
reasons for failure, 280
Milestones, 189–91, 193
Mission-critical networks, 148
Monitoring, 35, 75
of demand, 119
of performance, see
Performance measurement
transaction monitoring
systems, 80
Multi-year, multi-line insurance
products, 100
National Grid, 251
Net risk analysis, 93
Open culture:
achievement of, 184–6
importance of, 182–4
Operational buffers, 146
Operational controls, see
Controls
Operational integrity, 2, 3
Operational resilience, 5, 48–52,
248
capacity planning and, 57–8,
106–10
cost cutting and, 56–7
crisis management and, 206–16
definition, 50
e-business and, 248–52, 256–8
business drivers, 257
business processes, 257–8
performance obligations, 257
service management, 258–9
stress indicators, 258
focusing on risk management,
55
high-resilience processes, 51
performance measurement,
146
staffing and, 56
Operational risk management, see
Risk management
Operational risk profile, 7
Operations management, 52–8,
79–82, 224
Opportunity, 14, 18, 20
ORCA, 21–4
Organizational model, 67
Organizational objectives, 27–32
risk appetite, 30–2
Outages, 123–5
Outsourcing, 80, 104, 160–79
business processes (BPO), 163,
169–70
challenges, 167–8
evolution of, 162–5
human resource management,
161–2, 168–9
management of outsourcing
risks, 170–7
contract management, 171–5
plan communication, 176–7
pre-outsourcing preparation,
170–1
subcontracting risk
assessment, 175–6
302 Index
reasons for, 164–5
risk exposure, 165–7
risk management outsourcing,
177–9
Overcapacity, 107
People management, see Human
resource management
Performance measurement, 146,
193
outsourcing vendors, 173
Petrochemicals industry, Lifetrack
Project case study,
83–92
Piper Alpha, 1
Policy, see Risk management
framework
Postponement centres, 141
Processes, 67–70
dependence on technology,
148–9
due diligence process, 275–7
information/communication,
34–5, 147
management of, 145–7
operational back-up and
recovery arrangements,
146–7
operational buffers, 146
operational contingency
facilities, 147
performance measurements
process, 146
planning and maintenance,
145
stakeholder communications,
147
monitoring, 35
process flows, 236
process portfolio, 67
process re-engineering, 82
risk assessment, 34
shared service centres, 266
see also Business process
Product life cycles, 141
Progress control, 184
Project management, 104, 134–5,
179–201
achievement recognition,
192–4
constructive challenge
importance, 186–8
goal direction importance,
189–91
open culture achievement,
184–6
open culture importance,
182–4
predictors of project success,
134
quality consciousness, 191–2
risk management, 195–201
external risk, 199–200
financial risk, 199
impact and, 197–8
implementation risks, 200–1
inherent risk, 198
scheduling risk, 199
technology risk, 201
service focus, 194–5
shared service centres, 266,
269–70
teamwork orientation, 188–9
Public expectations, 11–12
Index 303
Public key infrastructure (PKI),
150
Puschaver, Lee, 14
Quality management, 81, 184
quality consciousness, 191–2
RAROC, 228
Re-normalization, 204
Recovery management, 127, 146,
208–14
disaster recovery, 151–2, 202
IT disaster recovery, 151–2,
211
impact recovery management,
204
long-term and short-term
recovery, 154
minimum recovery resources,
154–5
priority tasks, 212–14
recovery locations, 156–60
recovery team, 209, 221–2
target recovery timetables, 154
see also Crisis management
Redundancy, 127–8
Regulation, 9–10, 47
banking sector, 232–3
Reliability, 125–6, 128
Reporting:
crisis management, 223
external, 78
internal, 75–8
board room response, 76–7
business unit reporting
response, 77
individual reporting
response, 78
management reporting
processes, 121
Reputation, 58–60
crisis management and, 104–5
Resilience, see Operational
resilience
Restructuring, 260–86
joint ventures, 271–4
key risk areas, 273–4
mergers and acquisitions
(M&As), 38, 275–86
management information,
277–9
merging working practices,
280–3
shared service centres, 260–71
case for change, 268–71
critical success factors, 265–7
establishment programme,
267–8
options, 263–5
risks, 262–3
Risk, 12–14
as hazard, 14, 17, 19, 20
as opportunity, 14, 18, 20
as uncertainty, 14, 17–19, 20
assessment of, 34, 196
escalation triggers, 237–8
financial sector, 243–5
financial services, 233–40
improvement of, 239–40
loss event database, 238
net risk analysis, 93
risk analysis technique,
15–16
risk indicators, 236–7
304 Index
risk maps/process flows, 236
self-assessment, 235–6
subcontracting risk, 175–6
business change and, 37–43
definitions of, 26–7, 31–2
downside of, 15
operational risk profile, 7
stress indicators, 82
upside of, 15
Risk appetite, 30–2
Risk financing, 94, 97–9
operational risk in the banking
sector, 99
shareholder value and, 98
Risk improvement, 93
Risk management:
alignment, 35–6
benefits of, 44–58
corporate governance and,
287–93
cultural factors, 47–8
definition of, 26–7
evolution of, 3–4
focusing on, 55–6
level of sophistication, 24–6
operational risk management
committee, 69–70
operational risk management
team, 70–1
outsourcing of, 177–9
project risk management, see
Project management
scope of, 2
Risk management framework,
61–4, 135
barriers to, 64
insurance strategy, 93–9
operational controls, 92–3
policy and organization,
66–92
external reporting, 78
internal reporting, 75–8
Lifetrack Project case study,
83–92
operational context, 78–92
process establishment, 68–75
risk management architecture
(RMA), 21–2, 63, 65–6
shared service centres, 263
Risk retention, 94
Risk transfer, 94, 99–101
derivatives, 100–1
finite risk programmes, 100
multi-year, multi-line insurance
products, 100
Scheduling risk, 199
Self-assessment, 235–6
Self-insurance, 95–6
Service delivery, 2, 3, 102–3, 145,
252
e-business, 249
see also Service management;
Shared service centres
(SSCs)
Service level agreements, 81, 119
Service management, 104,
145–60
business continuity planning
(BCP), 152–60
e-business, 258–9
information technology,
147–52
see also Service delivery;
Index 305
Shared service centres
(SSCs)
Shared service centres (SSCs), 80,
260–71
case for change, 268–71
critical success factors, 265–7
establishment programme,
267–8
options, 263–5
risks, 262–3
Shareholder value, 27–9, 44–7,
58
drivers of, 45–7
risk financing and, 98
Shell, 11
Social issues, 11
Sourcing management, see
Outsourcing
Staffing, 56
Stakeholder interests, 27–9,
58–60
communication management,
147
project stakeholders, 180–1
shared service centres, 266–7
see also Shareholder value
Straight-through processing, 80
Strategic alliances, 271–4
key risk areas, 273–4
Strategic planning, banking
sector, 242–3
Strategy, 66
Stress indicators, 82, 258
Subcontracting risk assessment,
175–6, see also
Outsourcing
Supplier management, 104,
139–44
Supportive culture, 186
System development/
implementation, 80
Teamwork, 188–9
Technology, 37, 72
dependence on, 281–2
risks, 201
24-hour society and, 50–1
see also E-business;
Information technology
Threat analysis, 92
Training, 73, 74
crisis management, 223
Transaction monitoring systems,
80
Trusted third parties (TTPs),
150
Turnbull committee, 286
24-hour society, 50–1
Uncertainty, 14, 17–19, 20
Uncertainty management, 16–24,
185
openness and, 183
see also Risk management
Uninsurable risks, 10
Virtual private networks (VPNs),
148
Web-site launches, 246, 253–5,
260, see also E-business
Workflow, 79
306 Index
Get Operational Risk and Resilience now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
