logo

Operational Risk Management

Operational Risk Management (ORM) is the generic term used when dealing with the protection of a company´s assets in what ever form they exist.

Talk to a board member and they will tell you that they view RM in relation to bottom line profit, share value and various remuneration schemes. The Head of Legal, will view it as protecting the company from expensive litigation whilst the Head of Audit sees the haemorrhaging of funds as a ORM problem. The ORM adopts the practical approach and views losses through fraud, theft and project compromise as a serious problem.

In reality, they all provide a piece of the puzzle.

ORM can cover, but not be restricted to:

  1. Physical assets - treasury, property portfolio, plant and equipment (internal and external)
  2. Proprietary information
  3. Client base and market intelligence
  4. Environmental incidents, plus
  5. Any other incident likely to have significant commercial implications.

To achieve effective levels of protection on the above, best practice shows the clearest approach is to establish a Risk Management Department (hard option) or a Risk Management Unit (soft option).

The ORM Dept should house the skills of all the disciplines needed to reduce corporate risk, namely Legal, Audit and Group Security Adviser, with access to a dedicated team (both internal and external), previously identified and tasked in their respective roles, able to respond within an hour of a serious incident being reported.

HSI Ltd provides a support service to those engaged in ORM