Risk–Reward Evaluation of Mitigation and Control Effectiveness

Rafael Cavestany and Javier Martinez Moguerza

In Chapter 11, we introduced the integration of the operational risk profile into the business plan and the monitoring of the plan execution using an operational risk appetite framework. Here, we examine examples of the evaluation of controls and mitigation plans that have an impact on the risk profile, which can be used for measuring the consumption of, and/or adjusting the risk limits defined by, the ORA framework.

The impact of the mitigation and controls on the risk levels, ORA, limits and so on should be evaluated, as they change the risk profile of the institution, which is measured by the operational risk capital model. Far too often, the operational risk analysis is single-sided, evaluating only the threats and potential losses. In this chapter we examine various examples of joint analysis of the risk impacts and the benefits of their mitigation.

The chapter is structured into the following sections, describing the risk–reward evaluation of the mitigation actions that can be included in an operational risk business plan:

  • “Insurance programmes: evaluation of their mitigation impact”;

  • “Risk–reward evaluation of the mitigation impact of action plans”;

Sorry, our subscription options are not loading right now

Please try again later. Get in touch with our customer services team if this issue persists.

New to Risk.net? View our subscription options

If you already have an account, please sign in here.

You need to sign in to use this feature. If you don’t have a Risk.net account, please register for a trial.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an individual account here: