Curriculum
Qualifi Certified Professional in Operational Risk Management (QCP-ORM)
Module 1 Operational Risk Foundations, Drivers, Taxonomy, and Risk Context
0/37
Module 2: Operational Risk Governance and Framework Design
0/30
Module 3 Operational Risk Identification, Assessment, Analysis, and Reporting
0/30
-
Overview Module 3 / Session 1 Operational Risk Identification Using Process Analysis and Activity Review
Preview -
Module 3 / Session 1 Operational Risk Identification Using Process Analysis and Activity Review
-
Activity : Map the process and spot the risk
-
Mini-case: Settlement delays at CedarPay Services
-
Process-based operational risk identification
-
Downloadable Worksheet| Module 3 / Session 1 Operational Risk Identification Using Process Analysis and Activity Review
-
Formative quiz| Module 3 / Session 1 Operational Risk Identification Using Process Analysis and Activity Review
-
Overview Module 3 / Session 2 | Conducting a Structured Risk and Control Self-Assessment (RCSA)
Preview
-
Module 3 / Session 2 | Conducting a Structured Risk and Control Self-Assessment (RCSA)
-
Activity : Build an RCSA for an Assigned Process or Business Area
-
Mini-case: Orion Bank card-dispute operations
-
Formative quiz| Module 3 / Session 2 Conducting a Structured Risk and Control Self-Assessment (RCSA)
-
Structured RCSA
-
Overview Module 3 / Session 3 | Scenario Analysis, Control Evaluation, and Event Review
Preview
-
Module 3 / Session 3 | Scenario Analysis, Control Evaluation, and Event Review
-
Activity: Assess the scenario, rate the controls, review the event
-
Mini-case: NovaBank digital-account onboarding disruption
-
Formative quiz Module 3 / Session 3 | Scenario Analysis, Control Evaluation, and Event Review
-
Integrated assessment note
-
Overview Module 3 / Session 4 | Operational Risk Information, KRIs, Threshold Triggers, Event Data, Issue Logs, and Action Plans
Preview
-
Module 3 / Session 4 | Operational Risk Information, KRIs, Threshold Triggers, Event Data, Issue Logs, and Action Plans
-
Formative Assignment| Build an Operational Risk Dashboard and Management Commentary
-
Mini-case: Horizon Bank onboarding and access control trends
-
Formative quiz Module 3 / Session 4 | Operational Risk Information, KRIs, Threshold Triggers, Event Data, Issue Logs, and Action Plans
-
Operational risk information
-
Overview Module 3 / Session 5 Preparing Operational Risk Reports and Dashboards for Management
Preview
-
Module 3 / Session 5 Preparing Operational Risk Reports and Dashboards for Management
-
Mini-case: Orion Bank monthly operational risk report
-
Formative quiz Module 3 / Session 5 | Preparing Operational Risk Reports and Dashboards for Management
-
Assignment: Prepare a concise operational risk dashboard or management
Module 4 Technology, Third-Party Risk, Operational Resilience, and Professional Recommendations
0/28
Text lesson
Overview Module 3 / Session 3 | Scenario Analysis, Control Evaluation, and Event Review
Welcome to Session 3
This session helps you deepen operational-risk assessment. You will use three practical tools together: scenario analysis, control evaluation, and event review. The goal is to turn risk language into a clear assessment view that management can act on.
Learning objectives
- Explain the purpose of scenario analysis in assessing operational-risk exposures beyond historical loss experience.
- Evaluate the design and operating effectiveness of preventive, detective, corrective, and monitoring controls.
- Use event review and lessons learned to identify underlying causes, control weaknesses, and management actions.
- Differentiate between inherent exposure, control strength, residual exposure, and escalation implications.
- Produce a structured assessment note that combines scenario analysis, control evaluation, and event review.
Core ideas for this session
- Scenario analysis supports forward-looking operational-risk assessment.
- Control evaluation should separate design effectiveness from operating effectiveness.
- Event review turns incidents and near misses into learning.
- Residual risk depends on both the exposure and the real strength of controls.
- A practical assessment note should combine scenario, controls, evidence, and action priorities.