Proof of Concept

Based on the the Three Basic Rules discussed on the previous page and the Simple Risk Model, this site provides an automated Excel spreadsheet that demonstrates how an operational risk assessment can be performed and the risk values that would result from the assessment. The spreadsheet walks the user through the process of:

  1. Identifying the organization to be assessed and its risk profile/appetite
  2. Identifying the core processes within the organization
  3. Assessing the Impact or Criticality of these core processes
  4. Assessing the Vulnerabilities and Threats.

Risk Model Spreadsheet

Based on the input values, the spreadsheet then generates a high level, graphic report (see example above) that can be used for management reporting.

To download the spreadsheet, click here.

Another component of the Assess portion of the Operational Risk Framework is the classification of information.


©2009 ISRMC, LLC