Basic Foundation for Operational Risk Management

This four-day course will provide an overview about operational risks from business processes and silo perspectives anchored on safety, health, environments and quality (SHEQ). The focus is more on operational risks than financial risks. This course is best for all levels of managers, risk management practitioners and people new to this aspect.

The course will allow the participants to look at risk management holistically and consider that every member of the organization plays key roles in risk management.

Different risk analyses tools will also be introduced such as Fault Tree Analysis (FTA), Event Tree Analysis (ETA), Probabilistic Risk Analysis (PRA), Failure Modes, Effects and Criticality Analysis (FMECA) and Hazard and Operability Analysis (HAZOP). This course will also use some engineering, statistical and business analysis tools. It will also provide an overview on Business Continuity Planning (BCP).


Upon completion of this course, the participants are expected:

1. To learn the core and basic principles behind Operational Risk Management

2. To look and review at several risk analysis techniques (cause consequence analysis, fault tree analysis, event tree analysis, failure modes and effects analysis, sneak circuit analysis, etc.)

3. To establish an initial background in Operational Risk Management implementation as related to safety, hazard, environment, maintenance and regulatory compliance;

4. To look and compare at several international risk management guidelines and framework;

5. To provide a guideline in developing a model of a management structure to support Operational Risk Management Program.


1. What are risks?

 1.1 Dilemma in Defining Risks
 1.2 International Standards of Defining Risks
 1.3 Characteristics of Risk in Modern System
 1.4 Establishing Guidelines for Defining Risks

2. How is risk assessed?

  2.1 A Glimpse of the Risk Management Doctrine
  2.2 Hazard and Hazard Identification
  2.3 Accidents, Threats and Exposure
  2.4 Introduction to Risk Analysis
   	2.4.1 Preliminary Hazard Analysis
       2.4.2 Hazard and Operability Study
   	2.4.3 Fault Tree Analysis Workshop 
       2.4.4 Event Tree Analysis
       2.4.5 Cause-Consequence Analysis
       2.4.6 Sneak Circuit Analysis
       2.4.7 Probabilities Risk Assessment
       2.4.8 Failure Modes, Effects and Criticality Analysis
     	2.4.9 Management Oversight and Risk Tree

3. How are risk tolerance limits accepted?

  3.1 Establishing Risk Tolerance Limits
     3.1.1 Formal Analysis
     3.1.2 Professional Judgment
     3.1.3 Bootstrapping
  3.2 Iso-Risk Contours
  3.3 Stairway Risk Plot
  3.4 Risk Assessment Matrix
  3.5 Evaluation of Probability and Severity
     3.5.1 Interpretations of Severity and Probability
  3.6 Use of Subjective Scales
  3.7 Setting a Standard for Risk Acceptability

4. How is risk managed?

  4.1 Mathematical Justification of Enterprise-wide Risk Management
  4.2 Counter-measures and Risk Mitigation Measures
  4.3 Risk Options /Reducers/Selectors
  4.4 Who Does the Analysis?
  4.5 Who Does the System Safety Cost?

5. The Cost of Risk Assessment and Management


6. Abuses Prevalent In Risk Assessment and Management

7. When are risks acceptable?

  7.1 Definition of Terms
  7.2 Benefit worth risk
  7.3 Justifications of an enterprise-wide risk management program
  7.4 Fundamental criteria

8. When Strategies are applicable?

   8.1 Functions of Strategy
   8.2 Probability of Success
   8.3 Strategy and Adversity
   8.4 Which is the ‘winning’ strategy?

9. Decisions

  9.1 Under certainty
  9.2 Under Risk
  9.3 Under Uncertainty - maximin
  9.4 Under Uncertainty - maximax
  9.5 Under Uncertainty - minimum regret criterion
  9.6 Under Uncertainty - criteria of rationality
  9.7 Burden of deciding


The course incorporates group discussions and series of workshops and simulations to enable the participants to have an initial experience of the framework of risk management based on acceptable international standards.