Operational Risk

Risk Management

The process of identifying, assessing, and controlling threats to an organisation's capital and operations.

Risk Assessment

The systematic process of evaluating potential risks in an organisation's operations, projects, or investments.

Third-Party Risk Management

The process of identifying and mitigating risks associated with outsourcing to third-party vendors.

Vendor Risk Assessment

Evaluating the potential risks of engaging with a vendor including security, financial, and operational concerns.

Know Your Customer

The process of verifying the identity, suitability, and risks of customers in financial transactions.

AI Impact Assessment

A systematic evaluation of the potential effects and risks of an AI system before and during its deployment.

The concept that data is subject to the laws and governance structures of the country where it is collected or processed.

An organisation's ability to build, assure, and review its technological integrity to ensure it can withstand all types of ICT-related disruptions and threats.

A legal concept giving individuals the right to request deletion of their personal data from organisations' records.

A set of principles, guidelines, and processes that an organisation adopts to ensure its AI systems are developed and deployed in a manner that is fair, transparent, and accountable.

A set of rules defining who can access specific resources and what actions they can perform.

An independent assessment of an AI system's compliance with regulatory requirements, ethical standards, and organisational policies, examining data, models, outputs, and governance.

A systematic evaluation of the potential social, economic, and civil rights impacts of an automated decision-making system before and after deployment.

A document defining the permitted use of an organisation's IT resources and networks.