Operational Resilience Series
BGBann_Playbook_Crisis Management

[OR] [P1-S4] Confirm Risk Appetite in Operational Resilience?

Risk appetite is the amount of risk, on a broad level, an organisation is willing to accept in pursuit of value.  

The scope is further enlarged when viewed from an operational resilience perspective.

Risk appetite reflects the organisation’s risk management philosophy and influences its culture and operating style.

This blog [OR-P1-S4] elaborates on the content for Stage 4 of the "PLAN" phase or P1 of the OR Planning Methodology.  

Course Participants: This blog is a pre-reading for the Operational Resilience Expert Implementer course participants.

Certification Application: The "How To" section is designed to assist successful participants in completing their Certification Application Form or CAF.

Moh Heng Goh
Operational Resilience Certified Planner-Specialist-Expert

New call-to-actionOR PM Plan Embarking the Operational Resilience JourneyWhat is Risk Appetite?

Risk appetite is the amount of risk, on a broad level, an organisation is willing to accept in pursuit of value.  The scope is further enlarged when viewed from an operational resilience perspective.

It reflects the organisation’s risk management philosophy and influences its culture and operating style.

Many organisations consider risk appetite qualitatively, with such categories as high, medium or low, while others take a quantitative approach, reflecting and balancing growth, return and risk goals.

Treat Risk Appetite as Strategic

According to COSO, it is a “guidepost” in strategy-setting. The organization’s business model provides an essential context for assessing risk appetite by clarifying its activities, customers, products, and how and in which markets it conducts business.

A thorough understanding of an organization’s business objectives, strategy and operations is beneficial when articulating the risks it chooses to accept and the risks it chooses to avoid as it creates value. As the organisation executes its operational resilience strategy, it develops and increases its exposure to uncertainty.

Therefore, business objectives and strategies provide the context for understanding the risks the enterprise chooses to undertake. Risk appetite also can set boundaries around opportunity-seeking behaviour, which impacts the entity’s objectives and strategies.

 

  Ignore this section (the entire content in the box in red) if you are not completing your certification application  
  Using BoK 4 as part of your experience justification in the Certification Application   

 

ORCS Operational Resilience Certified Specialist Certification (Size 75)ORCE Operational Resilience Certified Expert Certification (Size 50)Congratulations on passing your qualifying examination and your ORCS/ORCE certification journey!

This guide showcases how to effectively utilize Operational Resilience Body of Knowledge 4 (OR BoK 4) within your "Implement" Phase 1 - Confirm Risk Appetite Stage 4" experience justification for the certification application.

Remember, OR BoK 4 outlines the minimum expected capabilities for an OR professional at this stage.

Demonstrating your expertise:

OR PM Plan Confirm Risk AppetiteTo showcase your relevant experience, it's crucial to integrate the steps outlined in "How to confirm Risk Appetite?" (Refer to the detailed steps as highlighted in the blog) within your application. Here's how:

1. Contextualize: Briefly establish the specific project or organization where you applied the principles.

2. Map stages to experience: Link each step in "How to confirm Risk Appetite?" to a concrete example from your work.

3. Provide evidence: Support your claims with tangible proof, such as:

  • Documents: Risk assessments, reports, meeting minutes, and project plans.
  • Metrics: Quantitative data demonstrating impact (e.g., risk score reduction).
  • Testimonials: References from colleagues or project stakeholders.

Apply for Expert Level CertificationApply for Specialist Level Certification4. Quantify duration: Mention the length of time you spent on each stage, highlighting your dedicated engagement in the process.

5. Go beyond the minimum: While meeting OR BoK 4 expectations is essential, demonstrate how you exceeded them by adding further value. Did you develop innovative approaches? Lead a team through the process? Share such advancements to showcase your initiative and leadership.

 

 

 

 

 

How to Confirm Risk Appetite?

This step is to confirm the organization's risk appetite concerning operational resilience. This involves:

Conduct Risk Assessment

Conduct a comprehensive risk assessment to identify and assess potential threats and vulnerabilities that could impact the organization's operations.

Consider internal and external factors, such as cyber threats, natural disasters, supply chain disruptions, and regulatory changes.

Quantify Risk Tolerance

New call-to-actionQuantify the organization's risk tolerance by evaluating different operational disruptions' potential impact and likelihood.

This will help determine the acceptable level of risk exposure and inform decision-making regarding risk mitigation measures.

Define Risk Appetite Statement

New call-to-actionDevelop a risk appetite statement articulating the organization's tolerance for operational disruptions.

This statement should align with the overall risk appetite framework and guide decision-makers in evaluating and managing operational risks.

BCMPedia Operational Resilience

Additional Explanatory Note 


  Definition Explanation Definition  
  Risk Appetite

is strategic in nature and approved by the board;

is the threshold assigned to each business & functional entity agreed upon and approved by the management

is limited and transactional, with responsibilities of monitoring by each business & functional entity running from bottom-upwards.

has a direct correlation to risk capital allocation

is a qualitative measure.

 New call-to-action  
  Risk Threshold

is the maximum amount of risk that an organization is willing to take or withstand

is a quantitative one.

 New call-to-action  
  Risk Tolerance

may be reflected differently for different objectives, including earnings variability, interest rate exposure, compliance with laws and regulations, and people's acquisition, development and retention.

Related to all of these objectives are expressed differently.

  New call-to-action  
  Confirming Risk Appetite

This blog discusses how management can perform these activities and provide the steps for confirming the risk appetite for operational resilience.

 OR Blog Confirming Risk Appetite  
         
"Plan" Phase of the OR Roadmap

 

Assess Capability and Maturity Analyse Gap Develop Strategy and Roadmap Confirm Risk Appetite Develop and Embed Governance  
OR PM Plan Assess Capability and Maturity OR PM Plan Analyse Gap New call-to-action New call-to-action OR PM Develop and Embed Governance  

 

More Information About Blended Learning OR-5000 [BL-OR-5] or OR-300 [BL-OR-3]


To learn more about the course and schedule, click the buttons below for the OR-3 Blended Learning OR-300 Operational Resilience Implementer course and the OR-5 Blended Learning OR-5000 Operational Resilience Expert Implementer course.

BL-OR-3 Register Now BL-OR-3_Tell Me More BL-OR-3_View Schedule
BL-OR-5_Register Now BL-OR-5_Tell Me More [BL-OR] [3-4-5] View Schedule
[BL-OR] [3] FAQ OR-300

If you have any questions, click to contact usEmail to Sales Team [BCM Institute]

 FAQ BL-OR-5 OR-5000
[BL-OR] [3] What is BL-OR-3 Course?

New call-to-action

 [BL-OR] [3-4-5] What is BL-OR-5 Course?

Comments

 

More Posts

New Call-to-action
BCMIWhiteLogoSmall.png
All rights reserved. Copyright 2024