Curriculum
Qualifi Certified Professional in Operational Risk Management (QCP-ORM)
Module 1 Operational Risk Foundations, Drivers, Taxonomy, and Risk Context
0/37
Module 2: Operational Risk Governance and Framework Design
0/30
-
Overview Session 1: Operational Risk Governance - Boards, Senior Management, and Accountability
Preview -
QCP-ORM Module 2 / Session 1: Operational Risk Governance - Boards, Senior Management, and Accountability
-
Downloadable Worksheet
-
Mini-case: Orion Payments Group
-
Session assignment: Board and Senior Management Responsibilities for Operational Risk Governance
-
Formative quiz- Module 2- Lesson 1
-
Overview QCP-ORM Module 2 / Session 2: The Three Lines Model and Role Clarity in Operational Risk
Preview
-
QCP-ORM Module 2 / Session 2: The Three Lines Model and Role Clarity in Operational Risk
-
Downloadable Worksheet : QCP-ORM Module 2 / Session 2: The Three Lines Model and Role Clarity in Operational Risk
-
Mini-case: CedarPay Services
-
Applying the Three Lines Model to Operational Risk Management
-
Formative quiz: Module 2 / Session 2: The Three Lines Model and Role Clarity in Operational Risk
-
Overview QCP-ORM Module 2 / Session 3: Policy, Risk Appetite, Risk Tolerance, and Control Environment
Preview
-
QCP-ORM Module 2 / Session 3: Policy, Risk Appetite, Risk Tolerance, and Control Environment
-
Mini-case: NorthGate Payments Group
-
Making Policy, Appetite, Tolerance, and Control Environment Work in Operational Risk Management
-
Downloadable Worksheet : QCP-ORM Module 2 / Session 3: Policy, Risk Appetite, Risk Tolerance, and Control Environment
-
Formative quiz: Module 2 / Session 3: Policy, Risk Appetite, Risk Tolerance, and Control Environment
-
Overview Module 2 / Session 4 Escalation and Reporting Arrangements in Operational Risk Governance
Preview
-
Module 2 / Session 4 | Escalation and Reporting Arrangements in Operational Risk Governance
-
Downloadable Worksheet| Module 2 / Session 4 Escalation and Reporting Arrangements in Operational Risk Governance
-
Mini-case: Delayed escalation in a payment services firm
-
Escalation and reporting review
-
Formative assessment| Module 2 / Session 4 Escalation and Reporting Arrangements in Operational Risk Governance
-
Overview Module 2 / Session 5 Designing the Core Elements of an Operational Risk Management Framework
Preview
-
Module 2 / Session 5 Designing the Core Elements of an Operational Risk Management Framework
-
Activity : Build the framework
-
Mini-case: Building an ORMF for NoorBridge Digital Finance
-
Formative Assessment| Module 2 / Session 5 Designing the Core Elements of an Operational Risk Management Framework
-
ORMF design
Module 3 Operational Risk Identification, Assessment, Analysis, and Reporting
0/30
Module 4 Technology, Third-Party Risk, Operational Resilience, and Professional Recommendations
0/28
Text lesson
Overview QCP-ORM Module 2 / Session 3: Policy, Risk Appetite, Risk Tolerance, and Control Environment
Session overview
This session develops the governance architecture introduced in Sessions 1 and 2 by focusing on four core framework elements: operational risk policy, risk appetite, risk tolerance, and the control environment. Learners examine why these elements matter, how they work together, and how weak design or poor implementation can create confusion, inconsistent escalation, weak control ownership, and unreliable management information.
Learning objectives
- Explain the purpose of operational risk policy and how it supports governance, role clarity, and minimum standards.
- Differentiate risk appetite from risk tolerance and describe how both guide operational decision-making.
- Recognise the practical features of a healthy control environment, including accountability, discipline, evidence, and escalation culture.
- Apply policy, appetite, tolerance, and control-environment concepts to case material and workplace situations.
- Recommend improvements where framework documents exist on paper but are weakly embedded in day-to-day practice.