This alert may not be shared outside your organization, Do Not Repost or send, place on other websites, List servers, or send to others via email, including other associations or parties.  Members and Law enforcement use only. Contact us for any permissions.  To do otherwise will result in the loss of membership.

Complete Story
 

11/03/2018

Redefining the Meaning of Operational Risk

The State of Security

The definition of “operational risk” is variable but it generally covers the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events.

I, however, want to re-examine this general definition, so that the definition of operational risk takes into account all the cybersecurity-related risks that are currently plaguing organizations today. With the current definition, one cannot quantify internal processes and people.

For example, organizations can ask themselves a few questions. When is there an event that causes a disruption? What internal processes failed? What aspect relating to people needs to re-examined?

We know that operational risk exists in every organization and that size does not matter. What matters, however, are two critical areas that need to be included in the operational risk definition: internal controls and user awareness.

Read more...

Printer-Friendly Version


Resources

Alerts

The FRPA alert system distinguishes us from other groups by gathering and providing information to law enforcement, retailers AND financial institutions.

more information
Resources

Resources

Your electronic library to help in fighting financial fraud for all of our partners.

more information