Structured Techniques for Operational Risk Management.
STORM™ is a set of processes and procedures for managing operational risk, based on cross-innovation from the discipline of safety engineering.
All organizations face risks: technical, commercial, or in many cases, operational. These risks arise because circumstances may prevent the organization from carrying out its ordinary activities. In our highly-connected global world, the impact of even minor disruption to a system (whether technical or simply organizational) can have substantial impact.
STORM™ has been developed by Intelligent Systems / Altran to help a wide range of organizations – commercial, financial or administrative – manage their operational risk. It applies the best practices of the engineering, safety and security communities to help identify, quantify and mitigate all types of operational risk.
The key deliverables are a risk assessment and risk log, and a plan for mitigating those risks.
STORM™ provides means of managing low-frequency high-impact events which traditional operational risks methodologies fail to do.
Deploying visibly-robust risk management enables an organization to reduce the provisions that it makes against risks; freeing resources for other uses.
STORM™ enables organizations to realize this benefit by providing a rigorous approach to managing this important aspect of corporate governance.
- By using repeatable, well-established techniques, STORM™ encourages consistency and thus eases the comparison and prioritization of different risks.
- As the techniques used are documented and auditable, an evidence trail is generated which supports a case to internal or external or external regulators that risks are being managed effectively.
- The techniques used in STORM™ have been optimized over many years to minimize the cost and business impact of risk management.
- STORM™ takes into account organization structure and function as well as incident history; this enables low-frequency high-impact events to be addressed, where traditional operational risk methodologies fail.
An operating unit of a major financial institution sought to identify and track the risk to its operations arising from its IT infrastructure. Financial regulation increasingly demands that institutions operate rigorous risk control across their entire organization. In modern finance, availability of real-time IT systems and communications infrastructure is an essential part of successful operation and must be considered in that risk control programme.
Using STORM™, Intelligent Systems / Altran provided the client with a coherent assessment of the risk arising from its IT infrastructure, and an internal process for maintaining and tracking the on-going operational risk.