Changing Hats: Business Continuity to Operations Risk Manager


Changing Hats: Business Continuity to Operations Manager
Continuity Insights Management Conference
New Orleans, Louisiana
Tuesday, April 13, :45 11:00 AM

Presenter: Susan Rogers, MBCP
Senior Vice President, Compliance and Operations Management
Bank of America Corporation
Contact information (215)

Discussion Agenda
Compare: Understand the connections between Business Continuity and Operations Management
Roadmap: Define a path to Operations Management
Tools: Learn the tools to make the transition
Q&A

Comparison Agenda
Define s
Understand the /Reward Balance
Compare Business Continuity (BC) skills to Operation Manager (ORM) skills
Compare: Understand the connections between Business Continuity and Operations Management

Define Operations s
the risk of direct or indirect loss resulting from inadequate or failed internal processes, people and systems or from external events
Basel II Accord

Define s
the possibility of loss on an investment
Operational risk management: mitigate technical failure & human errors
Financial risk management: handle payment and rate change impact to firm
Market risk management: deal with interest rate, equity & currency risk
Credit risk management: the risk of the probability of nonpayment of debtors
Enterprise risk Management: minimize effect of all risk on the organization

[Diagram labels: Enterprise Management; Credit; Market; Operations; Financial; Legal; People; Process; Technology; External Event; Talent Mgmt; Privacy; Security; Business Continuity; Internal Fraud; Change Mgmt; Application; Crisis Response; Governance; Project Mgmt]

Additional Resources:

and Reward Balance
Appetite defines how much risk an organization is willing to take
Controls must be balanced and just right to mitigate risk and deliver shareholder equity

Compare BC & ORM
Identify, Assess, Mitigate, Test, Improve

Business Continuity Skills
Identification, evaluation and prioritization
Business Impact Assessment
Business Continuity Strategies, Build solutions & BC Plans
BC, DR & Emergency Management Testing
Published Lessons Learned; refresh plans quarterly & yearly; maturity model framework approach

Operations Skills
Define Appetite, regulatory and operational prioritization
Assessment, Baseline Assessment of Organizational Controls & Mitigation Plans
Independent testing, Sarbanes Oxley Controls Testing
Publish Point of View, Assessment results, Issues Management, regulatory & audit support

Roadmap Agenda
1. Begin with the End in Mind; Understand an ORM Job Description
2. Perform a Gap Analysis of your Skills
3. Fill the Gaps
Roadmap: Define a path to Operations Management

ORM Job Description & Gap Analysis of your Skills
Fill the Gaps
A handout will be provided at the conference

Tools Agenda
Current Environment Needs
COSO, CoBit & Other Standards
Assessment & Project Tools
Tools: Learn the tools to make the transition

Current Environment
Be aware of the company big picture
Consider increased regulatory oversight
Understand the independent point of view
Find opportunity within your company

COSO, CoBit & More
Objective: Find a framework and standard risk methodology on which to base your education and understand how to apply Assessment, Control Activities, and Monitoring Areas

Assessment & Project Tools
COSO ERM Framework
Mapping COSO to CoBit
Assessment Matrix
RACI Chart
Six Sigma DMAIC Cycle
Independent Point of View

Questions & Discussions