Skip to main content

No Excuses: A Business Process Approach to Managing Operational Risk



No Excuses: A Business Process Approach to Managing Operational Risk

Dennis I. Dickstein, Robert H. Flast

ISBN: 978-0-470-22753-4 December 2008 308 Pages


Why should a company have an operational risk management function and how should it be organized? No Excuses proposes that operational risk should be examined through the business processes, that is, the flows of business. It provides practical, how-to, step-by-step lessons and checklists to help identify and mitigate operational risks in an organization. As well, it shows how operational risk can be directly linked to the process flows of a business for all industries. CEOs, CFOs, COOs, CROs, CIOs, and CAOs will benefit from this innovative book.

Part One: Where We Are Now.

Chapter 1 Surviving a Series of Unfortunate Events.

Crime of the Century.

Another View of the Barings Collapse.

A Story Closer to Home.

The Firefighter and the Fire Marshal.

How Do We Get There?

Chapter 2 What Is Operational Risk?

An Unfortunate Historical Event.

Operational Risk = Unexpected Risk.


Brief History.

Risk Techniques.

Individual Responsibility.

Corporate Evolution.

Types of Operational Risk.

Principles of Operational Risk Management.

New Framework for Operational Risk Management.


Chapter 3 What Is Business Process Management?

A Study in Green, Gold, and Platinum.


Enhanced Business Process Management Cycle.


Part Two: Where We Want To Be.

Chapter 4 Integrating Process and Risk Frameworks: Prologue.

Overview of the Integrated Model.


Chapter 5 Aligning Risk Appetite with Business Goals.

Famous for the Wrong Reason.

Famous for the Right Reason.

Activities of Setting Business Objectives.

Activities of Setting Risk Objectives.

Activities of Designing or Redesigning Business Processes.


Chapter 6 Determining Potential Risk of Business Processes.

Can Accidents Be Prevented?

Business Process Simulation.

Activities of Determining Potential Risk.

Tools for Identifying Potential Risk.


Chapter 7 Monitoring Process and Risk.

Keep Your Company Safe.

Activities of Ongoing Business Process Monitoring.

Activities of Ongoing Operational Risk Monitoring.

Numbers Are Not Always Necessary.


Chapter 8 Active Risk and Process Management.

Comply with the Law.

Activities of Managing Operational Risks.

Managing Risk while Managing Processes: An Integrated Framework.


Chapter 9 Integrating Process and Risk Frameworks: Epilogue.

Integrated Model in Detail.


Part Three: How We Get There.

Chapter 10 Role of Technology.

Test Your Safety Net.

Technology as Part of the Problem.

Managing IT Risks.

Managing IT Processes.

IT Tools for Managing Business Risks and Processes.


Chapter 11 Role of Outsourcing and Offshoring.

Toys May Be Dangerous.

Origins of Outsourcing and Offshoring.

Risks of Outsourcing and Offshoring.

Managing Outsourcing and Offshoring.


Chapter 12 Role of Organizations.

Communication Is Necessary.

Organization as a Source of Risk.

People Failure.

Strategic Approach.

Organization Design Principles.

Organizing to Manage Risk.

Responsibilities of a Risk Unit.

Confrontation versus Concurrence.


Chapter 13 Role of Corporate Governance.

Corporate History.

When Governance Eventually Works.

Chain of Command.




Part Four: Next Steps.

Chapter 14 Changing Corporate Culture.

People Who Work in Glass Houses . . . .

Spreading the Word.

Getting There Can Be Tough.


Chapter 15 Preventing Another Series of Unfortunate Events.

Another Crime of the Century?

Are People Listening?

Get It Done on Your Own or With Help.