What is the Value of Operational Risk Management?

Most companies only test their backups after a system fails. They buy Disaster Recovery provisions for computers only after a catastrophic event has impacted the business and only buy CCTV after a break-in has occurred.

The result is usually a patchwork of overlapping and gap-ridden investments reflecting past decisions. Rarely the provisions match the organization’s actual needs and these flaws are left exposed.

There are many good reasons for undertaking an Operational Risk Management program. Some are:

  • The changing environment invites new risks and dilutes old ones
  • Prospective customers expect risk management to be in place
  • IPO acquisitions require Operational Risk Management or devalue accordingly
  • The cost of even a brief period of downtime is now often considered unacceptable
  • Corporate governance is already under the audit spotlight


Operational Risk Management is a logical response to the following requirements:

  • Systematic – ensuring all risks are identified and treated appropriately
  • Repeatable – as part of a process that accommodates change
  • Auditable – documenting governance decisions
  • Entirely as the discretion of the business – you choose to accept or mitigate a risk based entirely on the evidence placed before you


You do already manage your exposure to operational risk in a number of ways, by locking your doors, closing your windows, and running anti-virus software. But these alone still leave your business with tremendous operational risks. The first important step is to be aware of the value of Operational Risk Management. In the next blog we will cover the next step, how Operational Risk can be managed.

Michael Herrera is the Chief Executive Officer (CEO) of MHA. In his role, Michael provides global leadership to the entire set of industry practices and horizontal capabilities within MHA. Under his leadership, MHA has become a leading provider of Business Continuity and Disaster Recovery services to organizations on a global level. He is also the founder of BCMMETRICS, a leading cloud based tool designed to assess business continuity compliance and residual risk. Michael is a well-known and sought after speaker on Business Continuity issues at local and national contingency planner chapter meetings and conferences. Prior to founding MHA, he was a Regional VP for Bank of America, where he was responsible for Business Continuity across the southwest region.

One thought on “What is the Value of Operational Risk Management?

  1. Pingback: data recovery uk

Leave a Reply

Your email address will not be published. Required fields are marked *

Business continuity consulting for today’s leading companies.

Follow Us

© 2024 · MHA Consulting. All Rights Reserved.

Learn from the Best

Get insights from almost 30 years of BCM experience straight to your inbox.

We won’t spam or give your email away.

  • Who We Are
  • What We Do
  • Blog