Operational risk management analyst

A relatively simple definition of Operational Risk is the risk not being categorised as Market Risk or Credit Risks. It implies quite a wide scope of risks. IT risk is definitely one of the in scope risk areas. Operational Risk Managment, by its name, is to manage the operational risk exposed to a company or business, so as to allow an acceptable level of risks to be taken in carrying on a normal buisness. It is not to handle the risks but to analyse and manage the risk level.

There is statistical tool (mainly developed in the U.S.) to calculate operational risk level. However, operational risk managment can be done through describing the risk profile in documentation or by a relatively simple rating system. So, the analyst is not necessarily an IT people unless the risk management focused on technical IT issues. Most of them could be coming from Audit or Compliance background. If the company need to build up a sophisticated system to handle the operational risk management calculation or records, it might require a business analyst good at IT to handle the job.