Skip to main content
Image coming soon

The LOB Risk Specialist's RCSA-to-Issue Playbook

$199.00
Adding to cart… The item has been added

A focused course, tailored for you

The LOB Risk Specialist's RCSA-to-Issue Playbook

From the quarterly RCSA refresh through issue write-up, second-line challenge, and the OCC exam binder. Built for the LOB risk seat at a US regional bank.

The RCSA refresh that the business head will not push back on, the second line will not weaken, and the OCC examiner will not reopen.

$199 one-time
Tailored to your situation. Access within 24 hours. 30-day money-back.

Includes a hand-built implementation playbook delivered alongside course access, generated for your specific situation.

Why this course

The LOB risk specialist sits between three audiences. The first-line process owner who wants the RCSA done quickly and the residual rating to stay green. The second-line risk function that will challenge any rating that is not defended on paper. The regulator (OCC for a national bank) that asks for the workpaper trail when the exam scope hits your LOB. Most of the friction in the seat is not analytical. It is the gap between a corporate risk policy that defines fifteen risk categories at a holding-company level and a business line that has its own products, its own systems of record, and its own process owners who have never read the policy. The job is to translate one into the other, in writing, in a form that survives challenge. Doing that well is a learned skill. Doing it badly produces RCSAs that look fine until the second-line reviewer asks where the control owner sits, what the test of design was, and how a single residual rating covers two materially different sub-processes.

What you walk away with

  • Write an RCSA control description the process owner agrees with and the second line cannot weaken on a walkthrough.
  • Defend a residual risk rating in writing with a test-of-design and test-of-operation footprint the second line accepts.
  • Produce an issue write-up that ties to a specific RCSA line, a specific control failure, and a remediation owner with a date.
  • Select LOB-specific KRIs that the quarterly risk committee reads as signal and that map back to the RCSA categories.
  • Lay out the exam-response binder so the OCC reviewer finds the workpaper they asked for in under a minute.

The 12 modules

Module 1. The LOB risk seat in a US regional bank
Where the LOB risk specialist sits between first-line process owners, second-line operational risk, internal audit, and the regulator. The reporting line, the committee cadence (LOB risk committee, enterprise risk committee, board risk committee), and the artefacts each audience reads. What the seat owns end-to-end versus what it co-owns with second line. How the role differs at a top-five national bank, a super-regional, and a community bank holding company.
Module 2. Reading the corporate operational risk policy through an LOB lens
The corporate operational risk policy defines categories at a level that does not match the LOB's products. This module walks the translation step. How to map the policy taxonomy onto the LOB's process inventory, how to handle categories the LOB does not run (legal entity, model), and where the policy under-covers this LOB (third-party concentration, fraud loss). The translation memo the second line accepts as the bridge to the RCSA.
Module 3. The RCSA refresh cycle from kickoff to sign-off
The quarterly or annual RCSA refresh cycle as a project. Kickoff with the LOB head and direct reports. Process-owner interview list and the scheduling reality. The workbook structure: process, sub-process, inherent risk rating, control inventory, control test results, residual risk rating, action items. The sign-off flow: process owner, LOB risk committee, second-line challenge, formal acceptance. Dates, dependencies, and the three failure modes that make the cycle slip a quarter.
Module 4. Process-owner interviews that produce defensible control descriptions
The interview technique that distinguishes what the process owner says happens from what is documented in the procedure manual from what the application logs actually show. Question banks for transaction-processing controls, access controls, reconciliation controls, vendor controls. How to capture the control description verbatim and how to write it in a form the second line cannot weaken with a walkthrough. The follow-up evidence list that closes the gap between assertion and proof.
Module 5. Inherent and residual risk rating that survives challenge
The rating methodology applied to a real LOB process. How the inherent rating handles likelihood and impact across financial loss, regulatory, customer, and reputational dimensions. How the residual rating is defended in writing, not asserted. The test-of-design and test-of-operation footprint the second line expects. Common challenge patterns the second line uses (control owner ambiguity, frequency mismatch, evidence retention gap) and the rebuttal that closes each.
Module 6. Issue identification, write-up, and the remediation owner
The issue write-up that ties to a specific RCSA line, a specific control failure, and a remediation owner with a date. The narrative structure: condition, criteria, cause, consequence, recommendation. How issue rating (high, moderate, low) is defended against second-line and audit re-rating. The remediation plan that the action owner will actually deliver, not the plan written for the issue tracker. Closure evidence, validation by second line, and the audit re-test cadence.
Module 7. KRI selection and the quarterly LOB risk committee pack
KRI design that the LOB risk committee reads as signal, not noise. How to pick three to five KRIs per major risk category that map back to the RCSA inherent and residual ratings. Threshold design (green, amber, red) anchored to the LOB's loss tolerance, not a corporate default. The quarterly pack layout: one-page summary, KRI dashboard, issue heat map, RCSA refresh status, regulatory and audit findings tracker, emerging risk one-pager.
Module 8. Second-line challenge and the formal acceptance memo
What the second-line operational risk function does with the LOB RCSA and how to prepare for it. The challenge session: control inventory completeness, rating defensibility, KRI alignment, issue inventory completeness, action ownership. The challenge memo that the second line writes and the LOB's formal response. The escalation path when the second line and the LOB disagree on a residual rating, and the LOB risk committee's role in resolving it.
Module 9. Internal audit interactions across the RCSA cycle
Internal audit's independent view on the RCSA process itself and on selected high-risk processes inside the LOB. The audit annual planning meeting and how to surface the LOB's higher-risk processes early. The fieldwork window: workpaper requests, walkthrough scheduling, test attribute selection, finding draft review. The management response that does not over-commit on remediation dates and the audit follow-up calendar.
Module 10. OCC heightened-standards exam preparation for the LOB
The OCC's heightened-standards expectations as they land on the LOB. Pre-exam document request lists and the LOB's contribution. The exam-response binder layout: governance, RCSA workpapers, issue inventory, KRI history, third-party inventory for the LOB, regulatory change log. How to host an OCC walkthrough of a sample process, what the examiner is testing for, and how to handle a Matter Requiring Attention that lands on the LOB.
Module 11. Third-party and inter-affiliate risk inside the LOB RCSA
Third-party and inter-affiliate exposures that sit inside the LOB but are co-owned with vendor management and the holding company. The third-party inventory subset that belongs in the LOB RCSA, the inter-affiliate service agreements the LOB consumes, and the residual risk implication of a critical vendor outage. The escalation path to vendor management when the LOB's tolerance and the corporate vendor rating disagree.
Module 12. Annual risk appetite refresh, scenario analysis, and the year-end memo
The annual cycle that closes the year: a fresh look at the LOB's risk appetite statement, a scenario analysis for the top three LOB risks, the year-end risk memo to the LOB head and the second line, and the input to the holding-company risk appetite refresh. The narrative the LOB head will sign, the scenario design the second line will accept, and the memo that becomes the kickoff document for the next year's RCSA refresh.

How this addresses your situation

Specific modules that map to what you said you are dealing with.

Quarterly RCSA refresh week: modules 3, 4, 5 carry the cycle from kickoff through process-owner interview to residual rating.
Issue write-up week: modules 6 and 8 give the issue narrative, the remediation plan, and the second-line acceptance memo.
LOB risk committee pack week: module 7 designs the KRI pack, module 11 covers third-party exposure, module 12 closes with scenario and appetite.
OCC exam week: module 10 lays out the binder, module 9 handles internal audit's parallel view, module 2 surfaces the policy-to-LOB translation memo.

What you get with this course

  • Twelve written modules in the Art of Service learning environment with downloadable workbook templates for the RCSA, issue tracker, KRI pack, and exam binder.
  • Process-owner interview script bank with question sets for transaction-processing, access, reconciliation, and vendor controls.
  • Residual rating defence template with test-of-design and test-of-operation footprint examples.
  • Issue write-up template structured as condition, criteria, cause, consequence, recommendation.
  • Second-line challenge response and escalation memo templates.
  • OCC exam-binder layout with workpaper index and walkthrough prep checklist.
  • Hand-built implementation playbook tuned to a regional-bank LOB risk seat, delivered alongside course access.
  • Thirty-day refund window.

What you will have in hand by Day 1, Week 1, Month 1

Within 24 hours of purchase: learning-environment account provisioned and the hand-built implementation playbook delivered alongside it.

Week one: modules 1-4 carry the seat orientation and the RCSA-refresh kickoff.

Week two: modules 5-8 cover rating, issues, KRIs, and second-line challenge.

Week three: modules 9-12 carry audit, OCC exam prep, third-party, and the year-end memo.

Ongoing: workbook templates kept current as OCC heightened-standards guidance updates.

Before and after

Before

Quarterly RCSA refresh cycles slip a week or two on second-line challenge. Issue write-ups get rated down by audit. The LOB risk committee pack reads as inventory rather than signal. Exam binders are assembled the week before the OCC fieldwork starts.

After

RCSA cycle hits the sign-off date with the LOB head supportive and the second line accepting residual ratings on the first pass. Issue write-ups carry a remediation plan and a date the action owner will deliver. KRI pack reads as decision-grade. Exam binder is a standing artefact, refreshed quarterly, and the OCC reviewer finds the workpaper in under a minute.

What happens if you do not address this

The seat's value to the LOB and to second line is measured by how often the RCSA, the issue inventory, and the exam binder hold up to challenge without being reopened. When they reopen, the seat becomes a coordination function, not a risk function. Once that perception sets, the LOB head stops bringing the risk specialist into the decisions that matter and second line starts running its own parallel assessment.

Who it is for

An LOB Risk Specialist in a US regional bank. You own the risk assessment cycle for one business line. You run the RCSA refresh, write the issues, defend the residual ratings to second-line challenge, build the KRI pack for the quarterly LOB risk committee, and prepare the exam-response binder when the OCC scope includes your LOB. You have between two and seven years in the seat. You came from internal audit, from a first-line ops role, or from a different LOB's risk team. You read the corporate operational risk policy and the OCC heightened-standards guidance, and you spend most of your week with first-line process owners.

Who this is NOT for. Not for second-line operational risk policy writers at the holding-company level. Not for internal audit staff running independent assurance over the RCSA process. Not for first-line process owners. Not for credit risk, market risk, or model risk specialists, whose cycle and artefacts differ. The course is tuned to the operational and compliance risk subset of the LOB risk specialist seat.

How it arrives

Text-based course in the Art of Service learning environment, plus downloadable templates and worked examples for every module, plus the hand-built implementation playbook delivered alongside course access.

Time investment. Approximately twenty hours across three weeks for the written modules. Template adoption inside the LOB cycle is the practical work, typically a full quarterly refresh.

Why $199 is the right number

Most LOB risk specialists learn the seat by sitting next to a senior specialist for a year and absorbing the patterns. That works when the bench is deep. When the bench is thin or the cycle has just been re-staffed, the alternative is a written course that captures the patterns once. Internal training tends to cover policy and methodology at the holding-company level. This course covers the seat itself.

FAQ

Is this tuned to a national bank or a community bank?
The course is tuned to a national bank or large super-regional under OCC supervision with heightened standards in scope. The methodology applies at smaller institutions but the exam-binder and committee cadence assume an OCC heightened-standards environment.
Does it cover credit, market, or model risk?
No. The course is operational and compliance risk inside the LOB seat. Credit, market, and model risk follow different cycles and artefacts.
Will the templates conflict with my bank's existing RCSA tool?
The templates are tool-agnostic. They land as Excel workbooks and Word memos. The structure is designed to map into Archer, MetricStream, OpenPages, or an internal tool without re-engineering.
What does the implementation playbook actually contain?
A document tuned to the LOB risk seat at a US regional bank: the refresh-cycle schedule, the interview question banks, the rating defence footprint, the issue write-up template, the KRI selection worksheet, the exam-binder index, and the year-end memo skeleton.

30-day money-back guarantee. If after a week of working through the materials this is not what you needed, reply to the receipt email and a full refund is processed. No questions, no forms.

Within 24 hours your account in the learning environment is provisioned and the tailored implementation playbook is delivered alongside it.