Operational Resilience

An RMIA Virtual Course in partnership with The Protecht Group.


This workshop is aimed at risk practitioners and business managers who are responsible for meeting the new operational resilience requirements and expectations of the regulators and stakeholders and / or are looking to implement a robust value adding operational and business resilience capability. 

The workshop leverages the extensive guidance issued to date by the financial services regulators (including the FCA, PRA, Basel, ECB and Fed). This guidance is used as a base for introducing a comprehensive, practical and efficient resilience methodology which leverages from, and integrates with, your existing ERM framework, including BCP,  Recovery and Contingency Plans, Stress Testing and Capital Management capabilities.

Course Overview

1.  Defining Operational Resilience

  • What is Operational Resilience?
  • Operational, Business and Financial Resilience – Different or the Same?
  • Operational Resilience, Enterprise Risk Management, BCP, Recovery and Contingency Plans, Capital Management – How Do They All Fit?

2.  Why?  The Drivers and Objectives of Operational Resilience 

  • Drivers: Regulatory, COVID and Better Management
  • Defining the Objectives: Regulatory, Organisational

3.  What? An Operational Resilience Methodology and Ecosystem

  • An Operational Resilience Management Framework.
  • Defining business service and resilience objectives, and impact types
  • Identifying and documenting “Important Business Services” and levels of granularity
  • Mapping Resources, Risk and Controls to Important Business Services
  • Linking to existing processes
  • Setting impact tolerances and linking to Risk Appetite
  • Identifying severe but plausible “shock” scenarios and linking to impact on Resources
  • Simulating shock scenarios to determine impacts and assessing impacts against impact tolerances
  • Learning from simulations and incidents.
  • Using metrics to monitor resilience
  • Accountability and Reporting: Providing Self Assessment Assurance.
  • Communication Plans for Resilience Events

4.  Business Service and Resilience Objectives

  • Who are the stakeholders?
  • Defining the service and resilience objectives of each stakeholder?
  • Defining impact types

5.  Important Business Services

  • What are Important Business Services
  • Understanding and documenting the process / value chain and mapping value chains across multiple business units

6.  Resources

  • Identifying and mapping the Resources for each Important Business Service
  • Linking to existing information and processes

7.  Linking Risks and Controls

  • Linking risks and controls to the Importance Business Services and leveraging existing risk information
  • Using Controls Assurance to understand resilience of controls
  • Using risk metrics and indicators to monitor resilience

8.  Impact Tolerances

  • Identifying impact types and setting impact tolerances for each type
  • Linking impact tolerances to risk appetite and to risk assessment scales

9.  Scenarios

  • Identifying and understanding plausible scenarios and linking with Resource disruption
  • Simulating scenarios
  • Demonstrating resilience

10. Learning from Experiences

  • Scenario simulation and actual incident learnings: Single points of failure. Concentrations, Excess concentration, process weaknesses, control gaps and control weaknesses
  • Determining, recording and actioning issues and actions

11. Reporting for Operational Resilience

12. Managing a Resilience Event

13. Governance Self-Assessment and Assurance for Resilience

14. Practical Implementation

15. Conclusions and Takeaways

Learning Objectives

  • An in-depth understanding of the meaning and scope of operational resilience
  • A detailed understanding of the current regulatory guidance on operational resilience
  • The ability to design an effective and efficient operational resilience methodology and process
  • An understanding of how operational resilience fits in to an ERM framework and into existing “resilience” related processes.
  • An understanding of how a practical operational resilience capability would operate.
  • An appreciation of the reporting requirements for operational resilience

Format of the Course

This course is delivered in an entirely online COVID-Safe format. The course is a total of six (6) hours delivered in four 90-minute sessions via the GoToTraining Platform.

TRAINERDavid Tattam from The Protecht Group

Author of 'A Short Guide to Operational Risk', David’s vision is to redefine the way the world thinks about risk and risk management.  He is passionate about risk and risk management and in reaping the value that risk and good risk management can create for any organisation willing to embrace it.  David is the driving force behind Protecht’s risk thinking, pushing risk management to the frontiers of what is possible. He is also focused on driving the uplift of people risk capability through training and content. David is particularly passionate about risk management research and is prolific in creating a wide range of content delivered in blogs, ebooks, webinars and training courses. He has developed Protecht’s comprehensive suite of  risk management training courses has trained many thousands of risk practitioners across the globe. David also manages Protecht’s consulting business offering a range of risk consulting capabilities from Risk Management Framework to Risk Appetite Statement development. Prior to co-founding Protecht, David was the Chief Risk Officer and Head of Operations for the Australian operations of two global banks. He started his career as a Chartered Accountant and Auditor with Grant Thornton and PwC. David is an Associate of the Institute of Chartered Accountants in Australia and New Zealand and a Senior Fellow of the Financial Services Institute of Australia.

INVESTMENT: $715.00 incl.GST for Members

$858.00 incl. GST for Non-Members

CPD: 12 points

When you register for this course you agree to the RMIA passing your registration details onto our Training Partner, The Protecht Group.

For Group Bookings please email events@rmia.org.au or call 0430 157 508.

To register for this event go to Upcoming Events for current courses available.