- Brenda Boultwood, senior vice-president, industry solutions, MetricStream
- Jodi Richard, senior vice-president, chief operational risk officer, US Bank
- Andrew Richardson, vice-president, enterprise and operational risk, Coast Capital Savings
- Moderator: Alexander Campbell, editor, Risk.net
Traditionally, operational risk management (ORM) has been seen as merely another category of risk, distinct from market and credit risk, and defined as the risk resulting from failed processes, people or technology. However, with the convergence of governance, risk and compliance (GRC) functions, the boundaries and scope of ORM are continuously expanding. Today, operational risk needs to be tightly knit with an integrated risk management strategy across an organisation, including cyber risk, vendor risk and compliance risk management. Therefore, the responsibilities of ORM professionals are constantly growing to encompass managing the cyber threat landscape, maintaining vendor transparency and minimising the risk of non-compliance.
Our panel of experts discuss changes in the traditional approach to ORM, the emergence of GRC and its impact on ORM, the integration of ORM with multiple risk functions, and leveraging technology to facilitate new frameworks.