Operational Risk Considerations
When managing operational risks there are a number of areas that should be considered, for example:
- People Risks: e.g. is there a compartmentalisation of knowledge within the Unit or School around particular systems, tasks, etc?
- Inputs: e.g. does the School or Unit depend on information provided by a third party for some of its core functions?
- Outputs: e.g. have the critical outputs of the Unit / School been identified?
- Reputational Risk: e.g. is the School / Unit engaged in any activity that could generate negative publicity for the university?
- Financial Risks: e.g. is the School / Unit dependant on a narrow source of funding and if so how is the sustainability of same ensured?
- Safety Risks: e.g. has the School / Unit a Safety Statement in place?
- Insurance Risks: e.g. is all School / Unit equipment adequately insured?
- IT Risks: e.g. is sensitive data removed from the School / Unit on unencrypted laptops or memory keys?
- Outsourcing Risks: e.g. are external service providers adequately vetted?
- Fraud Risks: e.g. is fraud a possibility?
- Critical Dependencies: e.g. the loss or interruption of what services would stop the unit functioning for a long period of time?
- Business Continuity Risks: e.g. has the School / Unit a plan in place to deal with high sickness levels during a pandemic?
- Legal Risk: e.g. are all contracts signed by the School / Unit vetted first by the Legal Office?
Email (opens in a new window)sirc@ucd.ie for further advice on how to manage and minimise operational risks in your School or Unit.