Operational Risk and Convergence

In this chapter, we explore the growing enthusiasm for convergence, or governance, risk, and compliance (GRC). Both terms refer to the adoption of an integrated approach to managing the various elements of operational risk so that related activities can be leveraged, efficiencies attained and more powerful risk management results achieved. We will consider how a converged approach can be effective in assessment and in metrics and will discuss the powerful reporting possibilities that can result from an integrated approach.


Operational risk management aims to provide transparency into the operational risk exposures of the firm, by identifying, assessing, monitoring, controlling, and mitigating those risks. The depth and breadth of operational risk in every firm means that the operational risk department needs to take on a unique role. Not only must it build partnerships with all of the underlying operational risk activities, but also attain a governance structure that allows it to influence decision making at every level of the firm. In addition, it often has to facilitate a culture change across the firm so that operational risk management becomes a day-to-day embedded activity in the firm.

The rise of operational risk management has led to the emergence of integration and convergence initiatives and has energized enterprise risk management (ERM) discussions. The qualitative tools of the ...

Get Operational Risk Management: A Complete Guide to a Successful Operational Risk Framework now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.