Overview

Practitioner manual to operational risk blending contemporary challenges with case studies  Managing Operational Risk in a Changing World is both a practitioner's manual and a classroom text that blends nearly 40 years of frontline experience with emerging themes that define today's risk landscape, from climate change and ESG to AI, DE&I, cyber threats, and pandemics. Unlike existing titles that focus on defining operational risk or recounting its history, this book is organized around contemporary challenges, showing how frameworks and methodologies can be applied in practice.   The book contains interviews with industry veterans, from Barings to Silicon Valley Bank, who share their perspective and strategy for managing operational risk. In Managing Operational Risk in a Changing World, readers will find insights on:  Recent regulations focused on managing emerging risks, such as the Digital Operational Resilience Act (DORA)  Firewalls, intrusion detection systems, and encryption as critical elements in a robust approach to cyber risk management  Data governance and data controls—checking and cleaning up erroneous data, and performing independent reviews  Operational risks associated with geopolitical events, including people, processes, technology, and external factors  The operational risk discipline is in flux, with regulators raising expectations and new risks constantly surfacing. Managing Operational Risk in a Changing World is required reading for all OpRisk professionals, academics, and students seeking to stay ahead of the curve. 

Full Product Details

Author:   Penny Cagan
Publisher:   John Wiley & Sons Inc
Imprint:   John Wiley & Sons Inc
ISBN:  

9781394421619

ISBN 10:   1394421613
Pages:   352
Publication Date:   28 April 2026
Audience:   Professional and scholarly ,  College/higher education ,  Professional & Vocational ,  Postgraduate, Research & Scholarly
Format:   Hardback
Publisher's Status:   Forthcoming
Availability:   Awaiting stock  

Table of Contents

Contents Acknowledgments  xiii Intoduction to Operational Risk Book  1 Operational Risk at a Crossroads 1 Chapter 1 The History and Importance of Operational Risk  3 The Definition of Operational Risk 3 The Impact of the Barings PLC Unathorized Trading Event 5 The Introduction of Basel II and Operational Risk Capital Adequacy 5 The Language of Operational Risk 8 Basel III Endgame 9 Significant Unauthorized Trading Events 11 Chapter 2 Managing Operational Risk in the New World Order 19   Managing Through the Great Challenges of Our Time 19 Managing Operational Risks Associated with Geopolitical Events 21   Communicating Operational Risks 27   Interview with Industry Veteran on Managing Operational Risk and Compliance: Mike Silva 28   Chapter 3 Building the Team for Today and Tomorrow Across the Lines of Defense 33   Managing Operational Risk Across the Lines of Defense 33   General vs. Specialist Roles 36   The Composition of Operational Risk Teams 37   Interview with Industry Veteran on First-Line Risk Management: Aarona Chou 38     Chapter 4   Making It Real: Developing a Framework for the Real World 43   The Operational Risk Framework Is Only as Effective as Its Implementation 44   Elements of the Framework 46   Governance 46   Policies and Procedures 47   Risk Appetite 48   Key Risk Indicators 49   Loss Data 50   Risk and Control Assessment 51   Scenario Analysis 52   Issue Management 53 Monitoring and Reporting 54   Culture and Awareness 55   Chapter 5   Managing Operational risk appetite and Key Risk Indicators 59   Definitions 60   Considerations When Managing Risk Appetite 60   Risk Appetite Framework 62   Integration with Operational Risk Program Components 66   Key Risk Indicators 67   Chapter 6     Developing and Deploying Risk Assessments 73   Risk and Control Self-Assessment Overview 73   Governance: Defined Roles and Responsibilities 75   Communication Plan 78   Leveling Up: Determining Risk Assessment Units 79   The Perspective: Top Down and Bottom Up 81   Technology Enablement 84   Methodology: Rating Risks and Controls 86   Process Mapping 93   The Trigger-based Approach 94   Remediation 96   Reporting on the Results 98   Chapter 7   Internal and External Loss Data 103   Types of Loss Data 105   Roles and Responsibilities 106   Framework and Methodology 107   Internal Loss Data 108   Stage 1: Identify 109   Stage 2: Assess 113   Stage 3: Mitigate 116   Stage 4: Monitor 116   Stage 5: Report 117   External Data 118   Citibank Revlon Bond Case Study 120       Chapter 8 Setting Up the Guardrails: Operational Risk Governance 123 Risk Culture 124   Training 127   Conduct Risk 127   Policies and Frameworks 131   Governance 134   Risk Committees 135   Interview with Industry Veteran: Maureen Day 138   Wells Fargo Pays USD $7.57 Billion in Penalties and Redress Over Retail Customer Violations 141     Chapter 9   The Fourth Line: Managing Regulatory Risks 151   The Regulatory Climate 151   Managing Regulatory Relationships 155   Tracking Regulatory Changes 158   Regulatory Expectations 159   The Four Lines of Defense Model 160   Seeking Help 161   Confidential Supervisory Information 162   Interview with Industry Veteran on Managing Regulatory Risk: Tom Balogh 164   Chapter 10 It Could Happen Here: On Developing Scenarios 169   The Scenario Program 172   The Scenario Framework 172   Governance and Framework 172   Preparation 175   Facilitation 176   Scenario Workshop 178 Reporting and Alignment 179 Scenario Examples 182   Interview with Industry Veteran on the Use of Scenarios: Evan Sekeris 184 Chapter 11   Know Your Process: Managing Execution Risks 191   Managing Through the Operational Risk Framework 194   Governance 195   Policies and Procedures 195   Risk Appetite and Key Risk Indicators 196   Loss Data, Incidents, Escalations, and Issue Management 198   Risk and Control Assessment 199   Scenario Analysis 202   Monitoring and Reporting 204   Culture and Awareness 204   Payments 205   Boeing Case Study 206   Citigroup Fat Finger Case Study Courtesy of IBM 209     Chapter 12    Managing Change, and Product and Service Risk 219 Change Management 219   Lifecycle 222 Change Initiative Risk Assessment 225 Roles and Responsibilities 227 Waterfall vs. Agile 227 Success Criteria 228 Products and Services Change Initiatives 229 U.S. Regulatory Guidance 231 Chapter 13   Managing Data Risk, AI, and Machine Learning 239   Data Risk Management Framework 241   Governance and Policies and Procedures 244   Risk Appetite and Key Risk Indicators 245   Loss Data 246   Risk and Control Assessments and Maturity Assessment 247   Scenario Analysis 248   Monitoring and Reporting 250   Cultural Awareness 250   AI and Machine Learning 250   Data Is Foundational to AI and Machine Learning 252   AI-Specific Operational Risks 253   Using AI to Manage Risk 254   Interview with Industry Veteran on Data and Machine Learning: Jae Kang 256 Chapter 14    Managing Cyber Risk 261   A Tale of Two Attacks 262   Cyber Frameworks 263   Aligning NIST to an Operational Risk Framework 271   Strong Cyber Practices 274   Interview with Industry Veteran: Alicja Cade 275   United Healthcare Case Study Courtesy of IBM 280 Chapter 15    Managing Third-Party Risk 291   Third-Party Risk Management Framework 292   Planning (Including Governance) 293   Due Diligence and Third-Party Selection 296   Contract Negotiation 298   Ongoing Monitoring 299   Termination 300   Interview with Industry Veteran: Jeannie Pumphrey 303     Chapter 16    Managing Fraud 307   Managing Internal and External Fraud 308   Fraud Risk Management Frameworks 311   JPMorgan London Whale Case from O.R.X: An Example of internal Fraud 318   JPMorgan Pays USD $950 Million in Fines and Settlement   After “London Whale” Trading Losses of Up to USD $6.25 Billion 318   Index 323     The Introduction of Basel II and Operational Risk Capital Adequacy 5

Reviews

Author Information

PENNY CAGAN is a Senior Risk Advisor, where she leads client-facing risk and control engagements with financial institutions. Previously, she served as Managing Director and Head of Operational Risk for UBS Americas and Head of Operational Risk and Governance at MUFG Americas. She founded one of the first operational risk databases, which became an industry standard. Her contributions have earned her Outstanding Contribution to Operational Risk and Ten Years of Excellence awards from Operational Risk & Regulation Magazine. She teaches as a part-time adjunct faculty member in Columbia University’s Enterprise Risk Management Master’s program and at NYU’s Management and Analytics Master’s Program.

Tab Content 6

Author Website:  

Countries Available

All regions