Skip to main content
Image coming soon

The US Bank Operational Risk Practitioner Playbook

$199.00
Adding to cart… The item has been added

A focused course, tailored for you

The US Bank Operational Risk Practitioner Playbook

Tie RCSA, KRI, loss events, scenario analysis, and the Ops Risk Committee deck into one defensible narrative your CRO and the OCC examiner both read the same way.

The residual heat map on slide four of the Operational Risk Committee deck keeps coming back marked up. The CRO wants to see why the residual rating moved. The examiner wants to see how the RCSA, the KRI dashboard, the loss-event log, and the scenario library agree with each other. Right now they don't, and the rationale gets rewritten every cycle.

$199 one-time
Tailored to your situation. Access within 24 hours. 30-day money-back.

Includes a hand-built implementation playbook delivered alongside course access, generated for your specific situation.

Why this course

Senior operational risk practitioners inside US large banks spend most of their week reconciling artefacts that were built by different teams on different cadences. The first line runs RCSA workshops to a control taxonomy that drifted from the loss-event taxonomy two model versions ago. The KRI dashboard reports thresholds that were calibrated against a benign loss period and now flash green during real stress. Scenario analysis is run once a year by a small group, validated by model risk, and rarely revisited when a new loss event reveals a missing scenario. The Ops Risk Committee deck is the place where all of this is supposed to come together, and instead it is where the contradictions get exposed. The OCC heightened-standards review, the FRB CCAR operational-loss component, and the internal audit operational-risk pass all read the same artefacts and reach different conclusions. The fix is a single working chain that runs from risk statement to capital and is owned end to end. That is what this course teaches.

What you walk away with

  • Design an RCSA programme the first line will actually run and the second line can defend at committee.
  • Calibrate KRI thresholds that flash before a loss event hits the ledger, not after.
  • Build a loss-event taxonomy that reconciles to the general ledger and to the scenario library.
  • Run scenario analysis the model risk team will validate without three rounds of rework.
  • Write an Ops Risk Committee narrative the CRO can defend at the board and the OCC examiner reads cleanly.

The 12 modules

Module 1. The single working chain: risk statement to capital
Maps the operating chain a US-bank ORM function has to defend end to end. Risk statement, control inventory, RCSA residual rating, KRI threshold, loss-event coding, scenario analysis, capital allocation, Ops Risk Committee narrative. Names the owner at each step and the artefact that proves the link. Identifies the four points where most banks lose coherence and the one-page narrative that fixes them. Establishes the design constraints every later module operates against.
Module 2. RCSA design the first line will actually run
Walks through RCSA workshop design that produces defensible risk statements without burning out the first-line process owners. Covers risk statement structure, inherent rating scales calibrated to your bank's loss history, control-effectiveness criteria the first line can self-attest against, and residual rating logic that does not collapse to inherent minus control. Includes the moderator guide, the workshop deck template, and the residual challenge log second line uses to push back.
Module 3. Control inventory and the taxonomy reconciliation
The most common single point of failure in US-bank ORM frameworks is a control taxonomy that drifted from the loss-event taxonomy. This module walks through the reconciliation. Identifies the dozen control families that appear in every RCSA, maps them against the seven Basel loss-event categories your bank reports on, and builds the lookup that lets a single loss event roll up to the right RCSA risk statement automatically. Includes the reconciliation workbook.
Module 4. KRI calibration that survives a downturn
Most KRI thresholds were calibrated against the last benign period and flash green during real stress. This module rebuilds the calibration. Covers indicator selection from the loss-event log and the RCSA residual rating, threshold setting against a multi-cycle distribution, escalation paths that name the second-line approver, and the dashboard layout the Ops Risk Committee will read in two minutes. Includes the KRI charter template and threshold workbook.
Module 5. Loss-event coding that reconciles to the GL
If the loss-event log does not reconcile to the general ledger every month, the CCAR operational-loss component and the SMA capital calculation will be challenged. This module walks through the coding rules. Covers Basel category mapping, gross-loss versus recovery treatment, near-miss versus boundary event distinctions, the dual-coding workflow with finance, and the monthly attestation the controller signs. Includes the coding guide and the reconciliation template.
Module 6. Scenario analysis the model risk team will validate
Scenario analysis is the artefact model risk validators reject most often. This module builds scenarios that survive validation on the first pass. Covers scenario selection from RCSA top residuals and external loss data, expert workshop facilitation that produces defensible severity and frequency estimates, distribution fitting choices that document their own assumptions, and the validation package model risk needs. Includes the scenario template and validation checklist.
Module 7. External loss data and the public-event scan
Every US bank ORM function is expected to consume external loss data and document why each large public event is or is not relevant to its own portfolio. This module builds the public-event scan as a repeatable monthly process. Covers source selection, relevance scoring against your bank's product and geography mix, the documented rationale the OCC examiner expects, and the feed into scenario analysis. Includes the public-event log template.
Module 8. The Ops Risk Committee deck the CRO defends
The committee deck is where the working chain shows. This module rebuilds it. Covers the residual heat map that ties to RCSA, the KRI dashboard that ties to thresholds, the loss-event roll-up that ties to the GL, the scenario refresh that ties to model risk validation, and the one-page narrative on the front page that explains why the residual rating moved. Includes the deck template and the narrative-writing guide.
Module 9. Heightened standards readiness and the OCC examination loop
Covers the heightened-standards expectations the OCC applies to large banks, the artefacts a horizontal review will request, and the response posture that does not concede points unnecessarily. Walks through the typical exam timeline, the meeting cadence, the MRA and MRIA distinction, and the management response that closes findings without inviting new ones. Includes the artefact index and the response template.
Module 10. First-line and second-line operating model
Most US-bank ORM friction is operating-model friction. This module specifies the split. Covers risk statement ownership, control attestation responsibilities, KRI threshold approval, loss-event coding adjudication, scenario workshop facilitation, and the committee escalation path. Includes the responsibility-assignment matrix and the second-line challenge protocol that documents pushback without creating an adversarial file.
Module 11. AI, vendor concentration, and the emerging-risk register
Operational risk now has to absorb AI model failure, third-party concentration, and cyber resilience without losing the existing taxonomy. This module shows how. Covers the emerging-risk register that sits beside the RCSA without replacing it, the criteria that promote an emerging risk into the main framework, and the scenario translation that converts qualitative concerns into the same severity and frequency language the rest of the framework uses. Includes the emerging-risk register template.
Module 12. Board reporting and the CRO narrative
The committee deck flows up to the board risk committee through the CRO. This module covers the translation. Walks through the executive summary, the two-page board narrative, the heat-map abstraction that does not lose decision-relevant detail, the regulatory-context paragraph, and the questions the board chair will ask. Includes the board-pack template and the rehearsal questions list.

How this addresses your situation

Specific modules that map to what you said you are dealing with.

Module 1 establishes the working chain every later module slots into.
Modules 2-7 rebuild each artefact the chain depends on, in the order a working ORM function actually executes them.
Module 8 is where the artefacts come together in the committee deck.
Modules 9-12 handle the upstream pressure: examiner, operating model, emerging risk, board.

What you get with this course

  • Twelve text-based modules in the Art of Service learning environment.
  • Downloadable templates for RCSA, KRI, loss-event coding, scenario analysis, committee deck, board pack, and the responsibility-assignment matrix.
  • Worked examples for a US large-bank operational risk function across retail banking, commercial lending, and capital markets.
  • The hand-built implementation playbook tailored to your portfolio mix and current artefact state.

What you will have in hand by Day 1, Week 1, Month 1

Account provisioned and the tailored implementation playbook delivered within 24 hours of purchase.

Twelve modules available immediately, self-paced, no fixed schedule.

Templates downloadable from module one.

Implementation playbook addresses your portfolio mix, your current artefact state, and the specific reconciliation gaps the framework has to close.

Before and after

Before

The Ops Risk Committee deck is rebuilt every quarter from the same source artefacts that have never been reconciled. The residual rating logic gets re-explained at every meeting. Examiners and internal audit reach different conclusions reading the same artefacts. The CRO narrative is rewritten the night before.

After

RCSA, KRI, loss events, and scenario analysis run on a single reconciled taxonomy with named owners. The committee deck assembles in a day, not a week. The residual rating logic is one page that doesn't change. The CRO defends the narrative without rehearsal because it tracks the underlying artefacts.

What happens if you do not address this

The next OCC horizontal review will read the artefacts in sequence and find the contradictions the committee has been working around. CCAR operational-loss challenges and SMA capital challenges land in the same window. The MRA list grows. The CRO ends up defending an ORM framework that no longer reconciles to itself.

Who it is for

Senior practitioner inside a US large bank operational risk function. Reports into the second-line ORM head, who reports to the CRO. Has five to fifteen years in operational risk, audit, or control testing. Owns or co-owns at least one of: RCSA programme, KRI framework, loss-event taxonomy, scenario analysis, Ops Risk Committee deck. Lives in the gap between the first line's operating reality and the regulator's expectation of a coherent operational risk management framework.

Who this is NOT for. Not for first-line business risk officers running a single business unit's controls. Not for model risk validators focused on the quantitative side of AMA or SMA. Not for newcomers to operational risk who need foundational training. This course assumes the reader has already run RCSA workshops, owned KRI thresholds, and presented to a risk committee at least once.

How it arrives

Text-based course in the Art of Service learning environment, plus downloadable templates and worked examples for every module, plus the hand-built implementation playbook delivered alongside course access.

Time investment. Sixty to ninety minutes per module on a comfortable cadence. Most senior ORM practitioners run the course over two to three weeks alongside the day job, then use the templates as live working documents through the next committee cycle.

Why $199 is the right number

Free GARP and PRMIA articles cover the theory of operational risk management but stop short of the working artefacts. Big-four advisory engagements deliver a target operating model deck but rarely hand over the reconciled taxonomy or the KRI calibration workbook. Internal training programmes inside large banks focus on first-line awareness, not second-line practitioner depth. This course is the practitioner workbench in between.

FAQ

Is this aligned to a specific regulatory framework?
It is built against the US large-bank operating reality: OCC heightened standards, FRB SR letters on operational risk and model risk, CCAR operational-loss component, and the Basel SMA capital approach. The taxonomy and templates work for any US bank above 100 billion in assets.
Does this replace my GRC tool?
No. It runs on top of whichever GRC tool you use. The templates map cleanly to Archer, MetricStream, ServiceNow IRM, and Workiva. The course teaches the working chain. The GRC tool is the system of record.
How tailored is the implementation playbook?
Built by hand for your portfolio mix, your current artefact state, and the two or three reconciliation gaps the framework most needs to close. Delivered alongside course access. Not a generic checklist.
Refund?
Thirty-day money-back if the course does not match what is described here.

30-day money-back guarantee. If after a week of working through the materials this is not what you needed, reply to the receipt email and a full refund is processed. No questions, no forms.

Within 24 hours your account in the learning environment is provisioned and the tailored implementation playbook is delivered alongside it.