OPERATIONAL RISK MANAGER CERTIFICATE CANDIDATE GUIDEBOOK The Industry Standard for Operational Risk Practitioners
EXECUTIVE SUMMARY PRMIA s Operational Risk Manager Certificate is designed to deliver a deep, practical understanding of operational risk management frameworks and measurement methodologies in financial institutions. Successful candidates will be better prepared to implement meaningful risk assessment initiatives, produce useful risk management information and understand basic modeling techniques for operational risk measurement. The Operational Risk exam consists of 60 questions. The syllabus is based on the PRMIA Operational Risk Manager Certificate Handbook, together with PRMIA Case Studies which are freely available on the PRMIA website. Registration for the exam is via the PRMIA website and taking the exam is designed to suit the needs of the busy risk professional. Be sure to read this entire document to view important information that will help you to be a successful candidate. We hope that you will join us in promoting the PRM program as the standard for our industry and that you will join in our efforts to ensure that it will continue to meet the needs of our members and our industry. CONTENTS 1 EXECUTIVE SUMMARY 2 PROGRAM DESIGN 2 PROGRAM DATES AND LOCATIONS 3 FEES AND REGISTRATION 3 TAKING THE OPERATIONAL RISK MANAGER EXAM 5 OPERATIONAL RISK MANAGER SYLLABUS 6 PREPARING FOR THE OPERATIONAL RISK MANAGER EXAM
PROGRAM DESIGN KEY LEARNING OBJECTIVES DESIGN RATIONALE The Operational Risk Manager Certificate program was created at the instigation of PRMIA members holding senior positions in the industry who felt there was a gap in the market. It has been designed by industry leaders, all PRMIA members. The Operational Risk Manager Certificate is relevant to all risk-related roles in financial services, in particular Operational Risk Staff, Financial Controllers, Operations and Technology Managers, and Compliance and Legal Officers. A grounding in operational risk management techniques is also becoming increasingly important for front line staff, both from a process and conduct perspective in their dealings with clients and market counterparts. READING MATERIAL PRMIA Operational Risk Manager Certificate Handbook PRMIA Case Studies The key learning objectives of the Operational Risk Manager Certificate are to: Gain an appreciation for the role of risk management in the post crisis financial services industry Gain an appreciation for the role of corporate governance in an organization and of the participants, elements and relationships within risk management governance Gain an understanding of the different roles in risk governance and the place of reporting and the use of various elements of a risk framework Gain an understanding of the theory and process of risk management and the expected results from a successful risk management process List and discuss a set of developments in the governance of risk management, with an introduction to the area of risk culture Describe the elements of a risk management framework and choose the elements to implement in their own workplace Manage an operational risk assessment program and apply it in their workplace Understand how to capture, report and investigate operational risk events, how to produce meaningful Risk MI including Key Risk Indicator (KRI) data and trend analysis, and how to implement operational risk appetite Be able to recognize how operational risk management can assist the overall business and add value PROGRAM DATES AND LOCATIONS For your convenience, the exam is offered on every business day of the week.* You may request to schedule your exams at any time. There is no advantage to taking your exams on any particular date. Questions within exams are drawn from a large database of questions and are administered randomly, creating thousands of unique exam forms, all of comparable difficulty. PRMIA uses the services of VUE, part of the Pearson Publishing family, to administer the ORM exams. Pearson VUE is a professional testing firm that has nearly 5,000 testing centers in more than 165 countries around the world. Please note some important details about registration, cancellation, identification requirements and space availability in the Registration section found on page 3 and 4. *Registration and testing for the ORM exam will begin in early 2015. 2
FEES AND REGISTRATION FEES Fees, relevant to your membership status, are given at http://www.prmia.org/orm-certificate/preparation Payment by credit card is required for online purchases. If you would like to make alternative arrangements, please contact certification@prmia.org. REGISTRATION Registration for the Operational Risk Manager exam will begin in early 2015. Registration will be via the link found at http://www.prmia.org/orm-certificate/preparation. When you register, a voucher number will be provided to you that you can use to schedule your exam at the center, date and time of your choice. PRMIA Sustaining Members are given a 10% discount on the exam fee. You can become a Sustaining Member online at www.prmia.org/individual-membership If you are interested in adopting the Operational Risk Manager Certificate as a corporate program, please contact membership@prmia.org. Special pricing on exam vouchers and preparatory materials may be available to your company. 90 DAY RULE Please note that there is a strict PRMIA policy that exams may NOT be retaken within 90 days of a prior sitting. Any candidate attempt to transgress this policy by whatever means may result in penalties against the candidate which could include forfeit of any PRMIA certifications, vouchers, and possible expulsion from PRMIA. TAKING THE OPERATIONAL RISK MANAGER EXAM EXAM FORMAT The exams are computer-based. You will not receive any copies of the questions. No paper may be brought into the testing center; however, you will be provided with an erasable board upon request. Once admitted to the testing room, there will be a tutorial that introduces the functionality of the exam and a brief message from PRMIA. After this has been viewed, you may begin your exam. You will be asked multiple-choice questions with four possible responses. There are no breaks allowed during the exam. The testing system allows you to mark and review questions as long as time is remaining. Please note that you are unlikely to finish your exams with substantial extra time. You are encouraged to use the tutorial in an expedient manner, but sufficient time is allocated for you to complete the tutorial and the exam. PERSONAL IDENTIFICATION On the date of your appointment, arrive at the testing center at least 15 minutes before the scheduled start time. You must bring two forms of identification with you. The first must be a current government-issued ID with your photograph and signature. Examples of Acceptable Forms of Government Issued ID Driver s License Passport National Identity Card Military ID Examples of Acceptable Forms of Supplemental ID Credit Card Employee ID Card Examples of Unacceptable Forms of ID Library Card Social Security Card 3
ARRIVE ON TIME It is very important that you leave enough time to arrive at the testing center early. Candidates that arrive late to the test center may not be permitted to test. The full charge for the exam will be made if you are not admitted for any reason. As these centers offer exams for other organizations as well, not everyone in the room will be taking the same exam, so no assumptions should be made about when other candidates enter or leave the testing center. CANCELLATIONS/CHANGES In recognition of the busy and changing schedules of risk managers, you may change your exam appointment without charge through the Pearson Vue system at www.pearsonvue.com/prmia. Please note that all change requests must be made at least one business day before the testing date or the entire exam fee will be forfeited. Because of the flexibility in rescheduling, exam fees are non-refundable. EXAMINATION ADMINISTRATION Each testing center has an administrator who can assist candidates with any questions that they may have. In the event of any incident (computer failure, inadequate supplies, excessive noise, or any other circumstance) which the candidate believes is not compatible with good examination conditions, this must be brought to the attention of the examination proctor immediately upon the incident being noticed without continuing the exam. Failure to inform the proctor in this manner will invalidate any subsequent candidate incident reporting which cannot be substantiated by the test center. Your exam results should be available within 15 business days of your test date and will be delivered to you via the PRMIA website which you can access by signing in to your PRMIA member page, go to Membership then PRM Society and finally My PRM Profile. EXAM SECURITY The Operational Risk Manager exam is conducted under secure conditions. Any attempt by candidates to copy questions, by any means including unorganized memorizing, and to distribute these questions to other individuals, will be treated as unethical behavior and may result in penalties against the candidate which could include forfeit of any PRMIA certifications, vouchers, and possible expulsion from PRMIA. Indictment to copy, and usage of copied questions may also result in the same penalties. CALCULATORS An online scientific calculator, Texas Instrument TI308XS, is part of the test delivery system. No other materials may be brought into the exam room with you. It is suggested that candidates purchase the hand-held version (TI-30XS) to fully familiarize themselves with the calculator. 4
OPERATIONAL RISK MANAGER SYLLABUS 5 A. Introduction Participants will gain an appreciation of the role of risk management in the post crisis financial services industry. 1. Regulatory Context since 2008 2. Embedding Risk Best Practices B. Risk Governance Participants will gain an appreciation of the role of risk management in the post crisis financial services industry. SYLLABUS SUMMARY 1. Governance a. Origins of Corporate Governance b. Risk Governance and Strategic Planning c. Risk Governance Principles 2. People / Roles and Responsibilities a. The Board b. CRO c. Wider Reporting d. Systems and Documentation 3. Process a. Theory b. Risk Management Process c. Results 4. Risk Governance Developments Section Number of Questions Percentage in the Exam of the Exam A Introduction 2 3% B Risk Governance 6 10% C Risk Management Framework 12 20% D Risk Assessment 12 20% E Risk Information 12 20% F Risk Modeling 8 14% G Insurance Mitigation 2 3% H Case Studies 6 10% Total 60 100% C. The Risk Management Framework Participants will be able to describe the elements of a risk management framework and choose the elements to implement in their own workplace. 1. Risk Capacity a. Risk Capacity b. Resources and Risk Capacity c. Stress Testing and Simulation d. Setting the Risk Capacity 2. Risk Appetite a. Risk Appetite b. The Risk Appetite in an Organization c. An Example Risk Appetite Statement 3. Risk Policies a. Introduction to Policies b. Structure of a Risk Policy c. Risk Policies in an Organization d. Policy Coverage 4. Risk Pricing a. Risk Pricing Introduction b. Interaction with Internal and External Partners c. Capital Costs 5. Risk Culture a. Risk Culture b. Leadership and Risk Culture c. The Role of the Risk Management Function in Risk Culture d. The Place of Other Staff in Risk Culture e. Evaluating Risk Culture
D. Risk Assessment Participants will be able to manage an operational risk assessment program and apply it in their workplace. F. Risk Modeling Participants will be able to recognize how operational risk management can assist the overall business and add value. 1. Risk Assessment a. Risk Assessment Overview b. Risk Assessment Lifecycle 2. Risk Scenarios ( Top Down ) a. Top Down Identification b. Workshops c. Example Scenario (DR) 3. Process Models ( Bottom Up ) a. Control Identification (Linking Top-Down and Bottom-Up) b. Process Reviews c. Control Framework and Assessment 4. Operational Risk Issues a. Identify Issues and Design Actions Plan b. Issue Management c. Residual Risk d. Management Validation 5. Additional Risk Assessment Topics a. Risk Assessment of New and Expanded Products b. Risk Assessment and Third Party Services E. Risk Information Participants will be able to describe operational risk events, Key Risk Indicators (KRIs) and Reporting and create a KRI framework. 1. Introduction a. Risk Appetite and Risk Profile b. Expected Loss c. Unexpected Loss 2. Loss Investigations a. Operational Risk Incidents & Investigation b. Collecting Loss Data c. Quantifying Losses d. Boundary Issues e. External Loss Data 3. Key Risk Indicators (KRIs) a. Introduction to KRIs b. Selecting Appropriate KRIs c. Interdependent KRIs e. Implementing a KRI Framework 4. Risk Reporting & Toolsets a. Data Model b. Workflows c. Reporting 1. Capital & Risk Pricing a. Basel II and Operational Risk Capital b. Frequency and Severity c. Combining Approaches d. Capital Allocation G. Insurance Mitigation a. Insurance Mitigation Introduction b. Risk Taxonomy and Mapping c. Qualification Criteria of Insurance Mitigation d. Calculation of Capital Relief PREPARING FOR THE OPERATIONAL RISK MANAGER EXAM PRMIA Operational Risk Manager Certificate Handbook PRMIA Case Studies Available at no charge on the PRMIA website Operational Risk Manager Course Powered by NextThought The Operational Risk Manager Training Course helps you prepare for the exam. The online course brings online risk education in the web 2.0: to be social, interactive and engaging, by making use of the latest technology available. PRMIA has partnered with NextThought to reinvent the way you learn online: connected, efficient and mobile. The course combines video recordings, text, slide and multiple choice integration to offer the optimal study environment. 6 12/14